Geoffrey, I have security concerns about every CA in the list, not just CACert.
That notwithstanding, CACert has not proven to be less crap than any
of the others
that have, IMO, plenty of issues of their own. I don't buy the
argument that a non-profit
CA hasn't signed up and paid for
Hi,
Debian is considering removing CAcert.org from its root certificate
package for a couple of reasons:
- It has not passed the standard Webtrust audit needed for inclusion in
the major vendors' CA bundles (Mozilla, Google, Apple, MS, ...)
- It has a history of serious security issues that
On Wed, Nov 13, 2013 at 12:19, Geoffrey Thomas wrote:
- There are allegedly licensing issues associated with redistributing the
root.
It's really neither here nor there considering all the other issues,
but when you mentioned this I was expecting their terms to be totally
off the wall.
- There are allegedly licensing issues associated with redistributing the
root.
It's really neither here nor there considering all the other issues,
but when you mentioned this I was expecting their terms to be totally
off the wall.