Neither Microsoft and Apple charge for root inclusion. As far as I know, Opera is the only "significant" entity charging for root inclusion -- as a so-called "testing fee". This is a goofy description, as a root cert is pretty standard from a technology perspective. The complexity is in the operational processes of the CA (that are the basis of the trust of the cert) ... and Opera does nothing to verify the quality of the CA from a policy/process/compliance perspective.
I do not think that the Mozilla Foundation can charge enough for CA cert inclusion to make it worthwhile. CA cert inclusion should be based on an impartial standard -- such as WebTrust. To do anything else would undermine the high standards of Mozilla. -- "Heikki Toivonen" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Ben Bucksch wrote: > > The current CA policy says that root certs cost nothing, not even for > > commerical CAs. I'd propose to change that. The Mozilla Foundation needs > > money. Root certs are usually paid (with $$$), as I understood (Frank, > > do you have some quantative data about that, for large browsers?). > > Do ALL open source browsers charge money? Is Mozilla's market share big > enough so that anyone would be willing to pay for inclusion? Would this > bring enough money to MF that it would be worth it? In short, I don't > think it would be worthwhile to do so, but I guess it would be nice if I > was proven wrong. > > -- > Heikki Toivonen _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
