[At-Large] R: IGO names: is this worth war?
John R. Levine
johnl at iecc.com
Sat Nov 5 10:38:52 UTC 2016
> With what I propose the IGO's can easily set up their own highly exclusive CA
> and make it clear that if the cert chain does not originate there then the
> name is bogus. Easy to do. And it requires no expansion of ICANN's role.
And the locks from the wonderful CA will look just like the ones from
Let's Encrypt, so it won't help users at all. Or if they send spam, I
suppose they could sign stuff with S/MIME, but users don't understand what
an S/MIME icon in a mail program means, and none of the popular webmail
systems don't handle S/MIME at all.
If you're imagining that browser makers would change their browsers to
display the lock from the wonderful CA in a particularly wonderful way,
good luck with that.
More information about the At-Large