[Cryptography] distrusted root CA: WoSign

[Peter Gutmann]

Salz, Rich <rsalz at akamai.com> writes:
>> I am not suggesting you write a patch, I am suggesting you propose
>> something that actually works instead of whining about how the system is
>> fixed. So far, I have seen no such proposal.
>
>Dissolve CABForum and host it under IETF or OASIS or any other open standards
>organization.

I would say get the EFF or someone similar to run it.  Both of those groups,
while nominally open, are way too easy to render captive to vendor interests.
I'm not saying they do bad work, but that the structure is very vulnerable to
vendor stacking.

Peter.