I work within a chilean organization that promotes open source software, and now we are preparing a Firefox campaign.
Besides a localization effort, and national's rss feeds, i wonder if we can include our national CA root certificates. That could make a big difference, because this CAs doesn't have obtained even yet the certification to be included in explorer... and the media attention and even government interest in Firefox could be even bigger.
Note that I have already corresponded with Hugo regarding our policies regarding including new root CA certificates in Firefox and Thunderbird. (I suggested submitting a formal request for these CA certificates to be included; however the Chilean CAs are apparently like many CAs in other countries: They are authorized to operate under Chilean digital signature legislation, but have not undergone any other third-party audits like WebTrust.) I also pointed out that including CA certificates specifically for the Chilean localized version would require approval under the Mozilla trademark policies.
So don't worry about the legal and policy issues, I am already aware of the situation there. I think a more relevant question is: Does it actually make sense to build an extension to install root CA certificates? It seems to me that from the user's point of view the process of downloading and installing an extension is no more or less complicated than the process of downloading a root CA certificate and marking it for acceptable uses. I don't really see why an extension is preferable, unless it would be installing multiple root CA certs and thus avoiding the need for the user to do multiple cert downloads.
Frank
-- Frank Hecker [EMAIL PROTECTED] _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
