That would indeed be the "least" of your problems, albeit still a major undertaking in my opinion.
The big issue in my opinion, is to get the "standard" browser manufacturers to include the certficates signed by the "non-profit consortium" in the list of certificate authorities whose certificates are accepted by default. Without that, the browser will still display the rather unsettling message to the user. As you said yourself: "This damages your site's credibility and will result in a drastic loss of confidence on the part of your potential customers.". So any effort you try in that respect, would need to the full cooperation of Microsoft, it being responsible for +95% of the browsers used in the world (something I'm not happy with, but which is a reality nonetheless). You ponder the likelihood of Microsoft cooperating with such a venture.
I think you need to ask yourself why you would need a certificate. If it's for a webshop, then there are plenty of solutions available where the actual payment is handled by a payment handler where you can piggyback on the certificate of the payment handler. If you're interested in preventing eavesdropping for a particular application, I think you can explain to the users why they will be getting the unsettling message and just sign the certificate yourself.
Wish I could give some more positive comments. But with the current financial interest of the Internet, I don't see a non-profit consortium happening anymore. I think it would be simply too little, too late.
Liz
In reply to Re: (OT) SSL Certificates: Self-Signing and Alternative Solutions
by liz
in thread (OT) SSL Certificates: Self-Signing and Alternative Solutions
by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |