[aur-general] Random discussion about certificates

Magnus Therning magnus at therning.org
Mon Aug 10 16:29:38 EDT 2009

Aaron Griffin wrote:
> Changing the subject here while we go on this tangent.
> The reasoning is simple: CACert root certificates aren't generally accepted,
> and while we actually support them in things like konquerer, firefox and
> other tools are a different story (silly mozilla). It's just not feasible at
> this point, so we end up with a certificate that is "untrusted" anyway.

Fair enough.  It might be worth keeping an eye on what they are doing though
since I've heard mumblings about some restructuring within CACert.org that
would make it possible to get their root cert included in the "standard set"
that's shipped by Mozilla/Microsoft etc.  Once that happens their certs will
be worth a lot more.

> Now here's the thing.... we already discussed this, and all I'm doing now is
> rehashing debates about it. There's not much point in it, and I'm not going
> to be suddenly convinced to do a bunch of work to change a site that is used
> by about 30-40 people with no actual benefit besides getting rid of a
> one-time warning screen.
> The decision was made, it's over and done with, it's not a big deal.

Oh, I'm not about to start arguing against a good set of reasons :-)


Magnus Therning                        (OpenPGP: 0xAB4DFBA4)
magnus@therning.org          Jabber: magnus@therning.org
http://therning.org/magnus         identi.ca|twitter: magthe

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://www.archlinux.org/pipermail/aur-general/attachments/20090810/1dc15228/attachment-0001.pgp>

More information about the aur-general mailing list