use a non-american CA
I'd love to see you ditch Geotrust for a non-symantec affiliated CA. Or even non-us CA for that matter.
With our regular certificate update we will switch to a non-symantec certificate in a few days. The security of a CA does not depend on the country it is based in because every CA can publish certificates for any domains. Therefore we will not necessarily use a non-US CA.
Does tutanota have any opinion on this right now?
Totally agree with you!
I've listed a few european CAs with no ties to the US and any cross signing:
Owner: Buypass AS
Location: Oslo, Norway
Used by: Many companys around the World.
Owner: Unizeto Technologies S.A.
Location: Stettin, Poland
Used by: Many companys around the World and Poland, link Lot.
Owner: Bundesdruckerei GmbH
Location: Berlin, Germany
Used by: n/a
Owner: SwissSign AG
Location: Glattbrugg, Switzerland
Used by: Doesn't need an introduction.
Owner: T-Systems International GmbH
Location: Frankfurt am Main, Germany
Used by: Almost all universities in Germany.
Owner: QuoVadis Limited
Location: Hamilton, Bermuda
Used by: Protonmail, for example.