New Root & Escrow Project


After the audit over the CAcert root certs failed in 2008, a New Roots Task Force was created and generated several requirements and tasks for Roots generation, Roots Structure and Escrow Procedures. Over several years, the output of the Task Force was somewhat low.
In 2012 the new elected board stepped in to take the first decisions on Escrow.
In 2012, Apple decided to disallow Certificates using the MD5 hash algorithm in iOS 5 and later.1
To prevent the CAcert community from further shortfalls with this issue, a new New Root Initiative was build with the authors of this document.
This short document is the Initiative’s proposal how to solve the further exclusion of iOS users, to be compliant to the future standards, and to be audit ready with the root certificates.



Roots/NRE (last edited 2016-07-23 22:18:09 by BenediktHeintel)