On Sun, Sep 08, 2013 at 03:13:39PM -0400, John C Klensin wrote: > On the CA side, one of the things I think is needed is a rating > system (or collection of them on a "pick the rating service you > trust" basis) for CAs, with an obvious extension to PGP-ish key > signers. In itself, that isn't a problem with which the IETF > can help. Well, it _was_: we had a whole working group (REPUTE) that was established to try to provide a protocol for such rating systems. Participation was poor. In particular, it was very difficult to get high quality document review. LC just ended on most of the documents, I note. Best, A -- Andrew Sullivan ajs@xxxxxxxxxxxxxxxxxx