Hacker 10 – Security Hacker

Computer security
Menu
  • Anonymity
  • Encryption
  • Mobile Phone
  • Other
  • Security

Protect your privacy with a no logs VPN!

Join TorGuard
Home
Security
Convergence, a digital Certificate Authority replacement
Security

Convergence, a digital Certificate Authority replacement

John Durret 5 May, 2012

Convergence is an open source project that wants to replace Certificate Authority organizations issuing standardized X.509 digital certificates and confirm that the company signing it is who they say they are, for which a fee is normally charged, it can be very expensive to get a reputable Certificate Authority  (i.e. Verisign, GeoTrust)  that is included in all major Internet browsers root to confirm your identity. There has also been instances in which a Certificate Authority has been hacked by criminals, and likely nation states, to sign their unauthorized digital certificates with the own CA private keys allowing them to launch man-in-the-middle attacks against which the user has no defense.

It is possible for someone to create a self-signed digital certificate, or buy a cheap one from a small Certificate Authority, but this will cause the Internet browser to beam a security warning during the SSL handshake and it easily scares off people not familiar with computer security.

Convergence P2P digital certificate authority replacement

Convergence P2P digital certificate authority replacement

Convergence allows people to configure a dynamic set of notaries that use the whole network to validate the communication, instead of having someone else telling you who to trust a whole set of users decide who is trustable.

Anyone can run their own notary, the notary trust level can be set by the whole network of multiple notaries, information exchange is immediate and hides the user IP address, Convergence intends to eliminate the problem that comes with blindly trusting a single Certificate Authority and places trust in the hands of the whole community using the notaries network to check a digital certificate history before validating it, for this to work it will be necessary a large number of notaries.

Visit Convergence homepage

Note: Only available for Firefox users as an addon.

Reddit
Tweet
Email
Prev Article
Next Article

Related Articles

The best XMPP/Jabber servers for anonymous chat
Jabber/XMPP is a decentralised instant messenger using the open source XMPP …

The best XMPP/Jabber servers for anonymous chat

AttackVector Linux for penetration testing using Tor
AttackVector Linux is a Debian based distribution combining elements from …

AttackVector Linux for penetration testing using Tor

About The Author

John Durret

Hacker 10 – Security Hacker

Computer security
Copyright © 2025 Hacker 10 - Security Hacker
Privacy by TorGuard VPN