Hi, Jonathan Schleifer wrote: > Peter Saint-Andre <[email protected]> wrote: > >> Who said that including CAs is evil? >> >> My argument is that policies differ. Just because a lot of people use >> a particular CA doesn't make it good. > > Deciding on policies is something the user should do, not the client. I > for example trust something open and transparent like CACert much more > than some company like VeriSign etc.
And my sister has no idea what you are talking about, what these CA things are, why there is a warning, and how she can check these strange numbers called fingerprint. IMHO clients should include a basic sets of CAs. Dirk -- In some cultures what I do would be considered normal.
