On Sun Dec 13 17:55:29 2009, Peter Saint-Andre wrote:
On 12/13/09 10:41 AM, Jonathan Schleifer wrote:
> Dave Cridland <[email protected]> wrote:
>
>> Applications shouldn't be installing trust anchors without a lot
of
>> confirming with the user.
>
> I'm not talking about an application installing a system-wide root
> certificate. But if the StartCom certificate is included and used
for
> just that app, it only makes sense to add CACert as well.
Not really. It depends on what level of trust you have in those
anchors.
CAs are not interchangeable.
Right, the goal isn't just to make the warnings go away. :-)
Dave.
--
Dave Cridland - mailto:[email protected] - xmpp:[email protected]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
