Author: Saïvann Carignan 2013-12-08 09:03:38
Published on: 2013-12-08T09:03:38+00:00
In a thread on the Bitcoin-development mailing list, Odinn Cyberguerrilla shared his thoughts on the possible issues that could arise with Certificate Authorities (CAs) related to bitcoin.org. In August 2013, he commented in a blog post about DigiCert's certificate and its ability to revoke a certificate without notice if it believes that the private key associated with the certificate was compromised, or if the applicant is added to a government list of prohibited persons or entities. At the time of Odinn's post, bitcoin.org had no certificate or encryption, and users were sent to download the bitcoin-qt client from Sourceforge, which has a certificate based on GeoTrust. Currently, bitcoin.org shows as "not verified" and "not encrypted" when examined with Chrome. The discussion then shifted to the possibility of moving bitcoin.org to a dedicated server with an SSL certificate. However, Saïvann raised concerns over forward secrecy, binaries hosting/sharing, revocation, and decentralization. Regarding decentralization, while the content of bitcoin.org can be forked on GitHub, the website itself is centralized due to the use of DNS. Several ways of decentralizing the website were discussed, including Tahoe-LAFS and .bit stuff (namecoin). These topics have been previously discussed in Bitcointalk forums.
Updated on: 2023-06-07T22:02:36.337238+00:00