On Mon, Mar 30, 2009 at 09:18:45 -0700, Craig White <[email protected]> wrote: > ---- > I agree that you are discussing the present day practical limitations > but the concept of an open certificate authority would seem to defeat > most, if not all of the problems of a corporate certificate authority > such as Verisign or Thawte, etc. It would seem that those who harbor > those concerns should join openca.org, help it reach critical mass, help > it get root certificates installed in browsers by default, etc.
That isn't the real issue. I am not going to trust OpenCA any more than I trust Versign or Thawte now. (i.e. if they have their certs in by default, it just makes more certs for me to remove.) What really needs to happen is a more sensible way of handling ssl connections. What Firefox currently does is rediculous. -- fedora-list mailing list [email protected] To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
