Additional Idea: Automatic Failover
Introduce optional redundancy into SSL/TLS
Instead of always using a single server certificate, enhance the SSL/TLS protocol to allow a list of two alternative server certificates
Servers could be configured to use two certificates from two different CAs (same keypair for both?)
If a root CA gets revoked because of a compromise, and clients fail to validate a server's certificate (e.g. no valid voucher), clients can fall back to using the alternative certificate
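A model of the client-side failover described above, as an added example that is not part of the original slides and not an existing TLS API. The `Cert` fields, function names, CA names and host name are hypothetical, and the voucher check is reduced to a boolean flag.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str                # host name the certificate is issued for
    root_ca: str                # root CA the chain terminates at
    key_id: str                 # fingerprint of the server public key (constructed)
    voucher_valid: bool = True  # outcome of the voucher check, modelled as a flag

def validate(cert, host, trusted_roots, revoked_roots):
    """Return None if the certificate is acceptable, otherwise the reason it is not."""
    if cert.subject != host:
        return "name mismatch"
    if cert.root_ca in revoked_roots:   # revocation wins even if the root is still in the store
        return "root CA revoked"
    if cert.root_ca not in trusted_roots:
        return "untrusted root CA"
    if not cert.voucher_valid:
        return "no valid voucher"
    return None

def select_certificate(offered, host, trusted_roots, revoked_roots):
    """Try the offered certificates in server order; fail closed if none validates."""
    if not 1 <= len(offered) <= 2:
        raise ValueError("the proposal allows one certificate plus one alternative")
    failures = []
    for cert in offered:
        reason = validate(cert, host, trusted_roots, revoked_roots)
        if reason is None:
            return cert, failures       # failures is non-empty when failover happened
        failures.append((cert.root_ca, reason))
    return None, failures               # both rejected: abort the handshake

def same_keypair(offered):
    """True when every offered certificate certifies the same public key."""
    return len({c.key_id for c in offered}) == 1

# Constructed sample: one server, two certificates from two different CAs.
TRUSTED = {"Root CA A", "Root CA B"}
OFFERED = [
    Cert("www.example.test", "Root CA A", "key-1"),
    Cert("www.example.test", "Root CA B", "key-1"),
]

if __name__ == "__main__":
    for revoked in (set(), {"Root CA A"}, {"Root CA A", "Root CA B"}):
        chosen, failures = select_certificate(OFFERED, "www.example.test", TRUSTED, revoked)
        print(sorted(revoked), "->", chosen.root_ca if chosen else "abort", failures)
```

The returned failure list is what a client would log when it falls back, so that use of the alternative certificate stays visible to operators.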