Publié le

Mozilla Sustainability – ssl certificates?

Mozilla are Recognized as Most Trusted Internet Company for Privacy and I think we can exploit this potential for good if we do a certification authority. Doing that we can get revenues and help the world to have a trusted web.

After Heartbleed and Internet surveillance issues denounced by Snowden and Assange people and organizations are more interested in security issues, is a good time to explore this market and Mozilla can play a fundamental roll there, maybe Mozilla can become « The Certification Authority » for the Internet Operative System.

Product:

For now is a brain storm. I can elaborate a more complete proposition  but I will explain the process and user experience with this example related with online banking:

TheBank: Hello, I’m TheBank, my business to is do money with financial services, I’m not an expert in Internet like Google or Mozilla but I have to offer web services like online banking because people are going in this direction and we can’t lost this market.  I trust my IT-Infraestructure team  and Outsourcing company to do this job.

Outsourcing: Hello, our business is do money developing beautiful software applications, our commercial team is aggressive and they got a project to develop the online banking app for TheBank. Last week we lost the most important members in our security team but we can’t go back with this project.

IT-Infraestructure: We maintain  TheBank infrastructure where the online banking application developed by Outsourcing run, we are not good like people working for Internet companies but we do our best, we pay to UnknowNameCA  verify TheBank identity online with a digital SSL certificate for banking.thebank.com

User: Hello, my name is User, I have an account in TheBank and I trust when I see the https:// in my browser with a padlock

UnknowNameCA: Hello, we are UnknowNameCA, my business is to sale SSL certificates ever if regular people doesn’t know who I am, they trust in sites using SSL certificates provided by me when they see the https:// in their browser with a padlock like TheBank online banking site.

As you can see we have two problems in this ecosystem, the first is related with Certification Authorities, a good example is the case related with DigiCert SDN  if people trust us, why not go ahead in this market?

The second problem is:  verify the identity is not a guarantee of security, applications developed without security practices and bad deployments can show a nice green certificate :(   I think we can propose something to improve the user experience and understanding of risks and secure environments in Internet, like a new kind of digital SAS70 or ISO 27001 certification included in the SSL certificate with a visual identification. That can made the difference in the beginning between us and others.

Comments are welcome, this is only one idea because I <3 Mozilla and I we need to find sustainability options if we wan to continue with our mission.

About these ads

À propos de Fredy Rouge

Leader, Créatif, Autodidacte et Geek ☺

Une réponse à “Mozilla Sustainability – ssl certificates?

  1. karl

    > As you can see we have two problems in this ecosystem, the first is related with Certification Authorities, a good example is the case related with DigiCert SDN if people trust us, why not go ahead in this market?

    Because one of the reasons of the trust is specifically to be powerless. When someone becomes powerful enough to have control on a too big number of people, the trust gets a hit.

    It’s also one of the reasons that any thinking systems based on ‘let’s be the $ONE_THING’ is flawed in some fashion. People need to be empowered, not fed with an illusion of a better island. :)

Laisser un commentaire

Entrez vos coordonnées ci-dessous ou cliquez sur une icône pour vous connecter:

Logo WordPress.com

Vous commentez à l'aide de votre compte WordPress.com. Déconnexion / Changer )

Image Twitter

Vous commentez à l'aide de votre compte Twitter. Déconnexion / Changer )

Photo Facebook

Vous commentez à l'aide de votre compte Facebook. Déconnexion / Changer )

Photo Google+

Vous commentez à l'aide de votre compte Google+. Déconnexion / Changer )

Connexion à %s