Let us suppose ... cacert.org gets into the trusted certs list
Why then would you continue to want or need to issue your own server certs?
Maybe I wouldn't, but there's still be a lot of sites out there. But maybe CAcert is not acceptable for me for any reason, or I just won't want to go through the hassle, because it's not important in my case.
Also, for example, a huge German webmailer (web.de) has its own CA (authenticating *all* full users via paper mail and issuing all of them an email cert) and uses that to sign the certs of the webmail servers. Not many people import their root cert, so many people see the dialog when they want to read webmail. Then there's Black Helicopter and similar, not all of which will get into the Mozilla root. There are probably more such cases out there.
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
