Hi, Tom Hughes schrieb: > On 11/02/14 21:04, Peter Barth wrote: > > And another question: Could you consider to favor cacert certificates > > over RapidSSL/GeoTrust? > > Why would we want to do that?
:) Imho the CA system is totaly broken. If you want any security you need pinning. Anyways, I'd always prefer a web-of-trust over a company and that's the first reason what Cacert is good for. Second, I don't like that an open project (or any person for that matter) has to pay much money to participate in the www. Cacert is free, the others aren't. > It would cause virtually all our users to > get certificate warnings when visiting the site. However, you might have a point with this one :/ I forgot about the other operating systems out there and I suppose MS doesn't include cacert's root certificate :( Anyways, sorry for the noise. But I'd still prefer cacert over any big expensive authority ;) Regards, Peda -- _______________________________________________ talk mailing list talk@openstreetmap.org https://lists.openstreetmap.org/listinfo/talk