Author

Topic: Validation of honest websites by means of issuing 'authenticated' SSL certificat (Read 937 times)

member
Activity: 70
Merit: 10
Currently certificates are only as good as matching a company name to the content you are viewing.  The existing CAs don't provide users with ANY level of anti-fraud, for this CA this is the founding principle.

Top level view:
Underling CA, with luck level 4 and below, will approach site OP keeping their identity secret.  The site OP will learn by way of having a certificate signed that the CA is indeed who they claim to be.  The OP will get a hint on how to get a level n-1 cert signed.  An OP should not be able(see below on how we intend to provide a quality service) to get an n-1 cert signed if there is not a level n cert, thus having a level 4 cert means the OP has been reviewed by several CAs.  With a level 4 cert there are 4 CAs who can revoke the cert, it would only take one getting wind of any scandal.


How it works behind the curtain:
Individual(s) start a root CA and accept in private CA CSRs, who then do the same... but this time in more secret.  The goal is to publicly looks like the Bitcoin mining pools, many anonymous individuals who are invested in the success of the system.  Any dishonest CAs or Site can easily be revoked and browsers will fail to recognize any of the sites they helped to validate.  Many different root CAs prevent the system from being subverted at that level, when a dishonest root CA is discovered ppl will revoke all the certs they've signed, causing the users to be alerted.  Users will install whatever root CAs they trust, there ideally would be more than one.


1. Decentralized group of individuals.
2. Difficult to obtain and simple to loss for OP.
3. Guided tour based.
4. The tour itself is advertising, sites that don't have one are scams.

Access to server certificates is invite only, participation as a CA is voluntary.

There is a laborious list of activities that will get a certificate revoked, we hold these to be self evident.  For example one person who creates a chain of certificates or who otherwise pretends to be multiple, a single fraud and the work put in to obtain good standing will...  need to be repeated.  It's also  proof of work system, as well as a tour.  The root CA should have some visibility to the CAs level 7 and above, this could be hundreds of ppl.  The members of this anonymous community should all continually try to determine if there is any fraud existing within.  Having Proof that two or more CAs are operated by a single person would cause both to be revoked.

How to get started:

1. Get the tools and know how to create a Subordinate CA, I use tinyca but could not tell how to use it to make a subordinate.
2. Get bitmessage working.  Being anonymous is key for most positions...  even the root CA could be anonymous.  It's the quality of there revocations that identifies them.
3. Have A stable URL to host the CRL that you can change at any time.  The CRL can be text, so online notepads may suffice.
4. Contact a CA, you may be directed to another by the person you contact.
5. Make sure to record everything and be able to prove that the information you'r providing existed before it was requested you provide it.


https://excaliburponzi.com/root.crt
https://excaliburponzi.com/root.crl

BM-2cXxyk3gfco3Drib4iMPhVURBYnMYzk2Hp

DC:20:7A:81:88:23:49:0A:48:A1:6A:0B:E7:92:2E:DD:EF:46:CB:79
https://excaliburponzi.com/4c35f023.0
-----BEGIN CERTIFICATE-----
MIIGPDCCBCSgAwIBAgIJALziQZgC8pdGMA0GCSqGSIb3DQEBBQUAMD0xCzAJBgNV
BAYTAlBZMS4wLAYDVQQDEyUxRXhjYWxpYnVyIFJvb3QgQ2VydGlmaWNhdGUgQXV0
aG9yaXR5MB4XDTE1MDMwOTA2MTUxM1oXDTI1MDMwNjA2MTUxM1owPTELMAkGA1UE
BhMCUFkxLjAsBgNVBAMTJTFFeGNhbGlidXIgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRo
b3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDHzktQuqNwzedK
+ig7b2SlsJ55GI88GyVcD2wMVOWLWHB8YpBjQ9xA+AzxWUpIYIEM+/n5/+3uvNQc
OwKpLW02vQa/G6DNS9orH4/QtH+jLay+K9YYG97VTo1fx2OL2RwCWiAM1QxT/W7/
Q48AMNPX0kkOh0r6vv7JOTg/D6YF9ui1xZAA+uaOUbEHHE6q0ikqRYcAaotmh6B6
wyui0s3IJFpuRdH5IzIyIbkR94sdm2x+tcdedADMvDjYluygCHgx/uQkCUWWsb79
MuQzN0FzlylZa9r+ny/H1CHbGNChoPCViWPS1cmcFBtE6mpIHkmo2FpeBMY5JY9s
kcMjdh2QMRd35Xjcv13Fv6ZTfk+WoParoc+W02R3Y+HabpwRDUiVLXJTYJmFihCz
LwRhhpNXsEnyOLczOc6hu1fqOG7bDrUOFNpT63Bu5n8MdqM/1uhVEbZ6YfIbl15H
0t5J3t2MbA3mo7ruTTrmp5NN5AukJIfFUrAXvVTIyXnAJTR0+8cEMM+H3M7Vc1PH
NOUb7IIVh9hxGB3tSiZDMvO7uH3fOQlynxFjYQpUqmEyAAyPQShHvts47aR2SHuh
IQIh60O21LwW61+l+Da4+yQavB9I3dFEav5ETJ73MYeN5CijR+0Vz0y8rMM352Rp
R15iKT5iwetdJo5AoqIlq049aTTSEwIDAQABo4IBPTCCATkwHQYDVR0OBBYEFNwg
eoGII0kKSKFqC+eSLt3vRst5MG0GA1UdIwRmMGSAFNwgeoGII0kKSKFqC+eSLt3v
Rst5oUGkPzA9MQswCQYDVQQGEwJQWTEuMCwGA1UEAxMlMUV4Y2FsaWJ1ciBSb290
IENlcnRpZmljYXRlIEF1dGhvcml0eYIJALziQZgC8pdGMA8GA1UdEwEB/wQFMAMB
Af8wEQYJYIZIAYb4QgEBBAQDAgEGMAkGA1UdEgQCMAAwKwYJYIZIAYb4QgENBB4W
HFRpbnlDQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwMgYJYIZIAYb4QgEDBCUWI2h0
dHBzOi8vZXhjYWxpYnVycG9uenkuY29tL3Jvb3QuY3JsMAkGA1UdEQQCMAAwDgYD
VR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4ICAQBT27iv+wfqQ3kL4zR0MMI5
CcVkyrATRgvpxvStzAsDxjRH7rym2yOcrl00mAl6tiPRDCcMZyMa1761Swq/xv5e
mZchGEjJ/GDHphOVxZTFg0YbL9aYRGASiZ6CM5KZ8p95UScWq1QlrlywfyXFWSHW
GPB4fFCCYC2xoTRPF+m8cHJ0CVcLBw6DFY/O3monn6EhKomm1lopLOo3N/EdRW4O
DoL7bPDgRXilYQ1nFxslvh6uH20Ry60CibTVi3uGTAReekdYhtaTw5nlM0d9ux2W
aImiSD7s/uKaIvF0qns/+sLaL3BpPUWoSMamokZDgYISmEi4B4v9+rgtJMp4rrPf
rdCgr+nKH+jt+/m60ITPAvmHQYxvSpaeSi2v1nFIQ82P/a9Ya5Jo3xb6djX4fDwM
dJa7A3bhtvvguSIb2jLuMi2dm5RiKQ/UwJyT/Bfy1Fy2HDV5Y1kVvqLPjMv86N8D
oi3dXwbdQiiCFDowTHreNoCWmgP8OQ6pEhgG7JVJoZIRyWDQryGrGnmck+ACKjT1
JyHvjI7wWeZMvtH2iCoK6nzF1JKdYN0yjFdlIlj7VZQ5uriP5Hat3kC/RDNnncLK
2lGn/mD6/H+ft9A26cKfsJj0DvdmQ5d8ZlRIJsS6spSTefyequXH2RHkc8ohZbwB
yKuK4lh/ZCppx0a603m2Cw==
-----END CERTIFICATE-----
Jump to: