I know it's easy to believe that there's some sort of conspiracy (e.g., between the Mozilla Foundation and commercial CAs) to keep CAcert's certificate out of Firefox, etc., but I am not a party to such a conspiracy.
One more point worth noting: In defending myself against the charge that I'm part of an "anti-CAcert" conspiracy, I realize that I may leave myself open to the charge that I'm part of a "pro-CAcert" conspiracy. For the record, my goal of this whole policy exercise is niether to keep putting barriers in place to keep CAcdrt out, nor to keep bending the rules until CAcert can slip in.
Rather my goal is for us to come up with a policy that a) is in line with the overall goal of promoting security for typical Mozilla users, b) treats CAs reasonably equally and doesn't unnecessarily discriminate against new CAs that may not conform to the traditional commercial PKI model, and c) can achieve at least a rough consensus among the people who have an interest and stake in this matter.
Frank
-- Frank Hecker [EMAIL PROTECTED] _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
