[jdev] CAs (was: s2s doubts)
Peter Saint-Andre
stpeter at jabber.org
Thu May 19 10:30:44 CDT 2005
On Wed, May 18, 2005 at 10:59:09PM -0400, Hal Rottenberg wrote:
> > I've been getting more heavily involved with CAcert.org, and the number
>
> > Having a cert from a commercial CA proves that you once possessed a few
> > hundred dollars and now that money is in the bank account of the CA.
>
> > Having a cert from CAcert proves that you met with some assurers (or
>
> > We can debate which of these approaches is superior, but I rather like
> > the CAcert approach because it is based on something more significant
>
> Peter, what about the not-insignificant issue that CAcert is not a
> default trusted root in Windows? I just tried to find a page that
> listed every CA that Microsoft "trusts", but for the life of me can't
> find it. (Justin, do you have that URL?) CAcert needs to sign up for
> that program. Otherwise you are damning Aunt Tillie to installing
> root certificates or worse, prompting them to accept untrusted
> certificates.
The first step for the CAcert folks is to get included in the trusted
root CAs for Mozilla/Firefox, which seems to be enough of an effort for
right now. AFAIK, CAcert is also working to get included in various
Linux distributions. I think getting included in Windows will take a
long time and perhaps a lot of money.
/psa
More information about the JDev
mailing list