Ben Bucksch wrote:
Nelson B wrote:
So, you agree that we should change that from a warning to an error,
no override possible?
No, because there are a lot of legitimate sites that don't use a
(default) CA (my test server, for one).
Let us suppose for this discussion that, within the next 90 days,
cacert.org gets into the trusted certs list, and consequently,
(If I understand what cacert.org is offering) you can then get a
legitimate SSL server cert from a trusted CA for free.
Why then would you continue to want or need to issue your own
server certs?
And, if you have no further need to issue your own certs, what
further objection do you then have to removing the CA addition
dialog?
Duane, I'd like to know your answer to this question, too.
You are, after all, trying to get into the trusted CA list.
If you succeed, why would you champion a UI policy that obviates
your service?
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
