Discuss mailing list

[Jonah Aragon <jonah AT triplebit.net>]

That GitHub repository is strictly for other CA operators (like Matthias) only, no need to be concerned with it. The ModernTLD CA will be a web-interface where users can upload a CSR, etc. and receive a signed certificate.  

Hopefully it will be released by Jan-Feb ‘18. 

P.S. Matthias: submit a PR as detailed in the README whenever you’re able. Hopefully the CT server will be online sometime this week. 

Jonah

On Mon, Jan 1, 2018 at 12:38 AM Dmitry S. Nikolaev <dn AT mega-net.ru> wrote:

I think it will be useless to do CA this way. Especially for users who
are not administrators.

Web-interface needed if you want users to use it.

Yes, you can tell that web-interface is not secured and I will agree.
But you can divide CA project in two parts:
- web-interface
- CA functions
And separate them to different servers.
Web-interface send commands to CA via client-server only and so you can
strictly firewall CA server.

This way I done it when wrote own CA for my company.
Maybe my experience will be useful for you.

With best regards, Dmitry S. Nikolaev
Moscow, Russia

On 01.01.2018 04:12, Jonah Aragon wrote:
> https://github.com/moderntld/moderntld-trust-store
>
> Jonah


--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org