On Tue, Jul 22, 2008 at 9:34 PM, Joachim Steiger <[EMAIL PROTECTED]> wrote: > > Marcus Bauer wrote: > > Having trusted signatures in my browser preinstalled makes lots of > > sense, as it makes a man-in-the-middle-attack a lot more difficult. > > only if the man in the middle doesn't have a valid cert. > > for details of the 'process' please read > https://bugzilla.mozilla.org/show_bug.cgi?id=215243 > not funny, not nice, not sane. rather sad to be true.
The bug is closed as invaild and it is quite so. To quote from the bug: "Bottom line: this bug has been open nearly four years, and all the information needed has not yet been presented. I consider four years more than "a reasonable time", and so have closed this bug. When and if CACert would like to present the information necessary, they can open another bug and do so." Cacert has failed to demonstrate a decent procedure and thanks to your email I verified that my Debian Iceweasel does *not* contain it. Otherwise I had kicked it out immediately and I would advise everybody else to do so too. _______________________________________________ devel mailing list devel@lists.openmoko.org https://lists.openmoko.org/mailman/listinfo/devel
