On Mon, Aug 10, 2009 at 2:03 PM, Magnus Therning<[email protected]> wrote: > Aaron Griffin wrote: > [..] > >> It's not invalid, it's self-signed, so there's no certificate authority >> stamp-of-approval on it. We had a free year certificate at one point, but >> decided not to waste the money for a real certificate if it's only used by >> the devs. > > One option would be getting one from CACert.org. Of course it won't be > worth > a lot without putting their root cert in > openssl/firefox/konquerer/epiphany/etc...
We looked into that, but that's not much better than a self signed cert. We discussed this at length among the devs, and already made a decision. We're well aware of all the options :)
