Purpose
The purpose of the Encryption Working Group is to devise an official Root Certification Authority system for issuing server certificates to OpenNIC domains and user certificates to OpenNIC members. Click here to join the group and learn more.- To do:
- Devise a system of generating the private keys for a root CA in a manner that can be trusted by the OpenNIC community. It should ideally:
- Not put the keys under the control of a single member.
- Be kept completely offline. Even keeping the keys on a Raspberry Pi Zero would suffice, just needs to be airgapped.
- Hopefully split into pieces among WG members to ensure no one member can issue certificates.
- Should intermediate CAs be generated for every Tier 1 operator to issues certificates to users, or should we offer a centralized issuance system operated by OpenNIC/This WG?
CategoryEncryptionWG
