[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-hackers-public] SSL certificates
|
From: |
Michael Casadevall |
|
Subject: |
Re: [Savannah-hackers-public] SSL certificates |
|
Date: |
Sat, 13 Sep 2008 01:28:32 -0400 |
I should note some Linux distributions, such as Debian and Fedora
include the CAcert root certificate so having it won't be quite so bad
as having just a totally self-signed certificate.
Michael
On Fri, Sep 12, 2008 at 8:16 PM, Noah Slater <address@hidden> wrote:
> On Fri, Sep 12, 2008 at 10:55:10PM +0200, Sylvain Beucler wrote:
>> > I've put in the order for both savannah.gnu.org and savannah.nongnu.org.
>> > So I hope we'll get them soon.
>>
>> OK, there's a plan to use CAcert.org. I'd rather do instead of wasting
>> money on "trust".
>
> I agree that the whole SSL certificate industry is a farce, but unfortunately
> there doesn't seem to be any other option for improving the user experience.
>
> From the Wikipedia article on CAcert:
>
> As of 2005, certificates issued by CAcert are not as useful in web browsers
> as
> certificates issued by commercial CAs such as VeriSign, because most
> installed
> web browsers do not distribute CAcert's root certificate. Thus, for most web
> users, a certificate signed by CAcert behaves like a self-signed
> certificate. There was discussion for inclusion of CAcert's root certificate
> in
> Mozilla and derivatives (such as Mozilla Firefox) but it was closed without
> including it, at the end of April 2007.
>
> Given the low price of a "trusted" certificate, I would be interested to know
> how it could be considered an improvement on the current state of affairs.
>
> Best,
>
> --
> Noah Slater, http://bytesexual.org/nslater
>
>
>