Ram0502 wrote:
Ian G wrote:
This is something that Julien brought up and Amir
addressed by setting the border at the CA. As the
user identifies a particular CA as good, the security
app module accepts any cert from that CA.
Nice practical solution.
Except that it creates a monopoly situation for the cert buyer.
Having bought his first cert from CA X, if he ever buys a cert
from CA Y instead, all his users will be alarmed. This gives
CA X opporunity to charge ever higher prices for cert renewals.
And SURELY raising prices for certs is not among Ian's goals! :)
/Nelson
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security