* Axel Beckert <a...@debian.org> [2021-08-11 13:27]:
I strongly disagree. CAcert offers way more types of certificates than Let's Encrypt. For example does Let's Encrypt not provide any certificates suitable for use as personal S/MIME e-mail certificates.
Have you tried creating a personal S/MIME e-mail certificate lately? Because I tried, and neither IE nor Edge nor Firefox nor Chrome nor Opera support the required HTML <keygen> tag any more. It has been this way for at least two years. Apparently nobody noticed.
But instead it offers longer living certificates for hosts not directly reachable from the internet — which is a hell to achieve with Let's Encrypt.
Private hosts are usually managed with a private CA, which gives you much more control and versatility. Many companies do this, and CAcert offers no advantage, since you'd still have to distribute their root certificates to all your clients.
Again, I strongly disagree. I rather hope that Dmitry gets it back into shape and then also offers it via bullseye-backports.
Well, if you, Dmitry, or anyone else feels that their time is well spent on this package, by all means, go ahead. I just happen to think that your contributions would be more valuable elsewhere. Cheers Timo -- ⢀⣴⠾⠻⢶⣦⠀ ╭────────────────────────────────────────────────────╮ ⣾⠁⢠⠒⠀⣿⡁ │ Timo Röhling │ ⢿⡄⠘⠷⠚⠋⠀ │ 9B03 EBB9 8300 DF97 C2B1 23BF CC8C 6BDD 1403 F4CA │ ⠈⠳⣄⠀⠀⠀⠀ ╰────────────────────────────────────────────────────╯
signature.asc
Description: PGP signature