Aaron Griffin wrote: [..]
Changing the subject here while we go on this tangent.
The reasoning is simple: CACert root certificates aren't generally accepted, and while we actually support them in things like konquerer, firefox and other tools are a different story (silly mozilla). It's just not feasible at this point, so we end up with a certificate that is "untrusted" anyway.
Fair enough. It might be worth keeping an eye on what they are doing though since I've heard mumblings about some restructuring within CACert.org that would make it possible to get their root cert included in the "standard set" that's shipped by Mozilla/Microsoft etc. Once that happens their certs will be worth a lot more.
Now here's the thing.... we already discussed this, and all I'm doing now is rehashing debates about it. There's not much point in it, and I'm not going to be suddenly convinced to do a bunch of work to change a site that is used by about 30-40 people with no actual benefit besides getting rid of a one-time warning screen.
The decision was made, it's over and done with, it's not a big deal.
Oh, I'm not about to start arguing against a good set of reasons :-) /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus@therning.org http://therning.org/magnus identi.ca|twitter: magthe