On Tue, 01 Apr 2014 11:04:43 +0100, Philip Hands <p...@hands.com> wrote: >Marc Haber <mh+debian-de...@zugschlus.de> writes: >> On Mon, 31 Mar 2014 16:03:30 -0700, Russ Allbery <r...@debian.org> >> wrote: >>>Of course, I'm one of those people who believes that web site certificate >>>signatures as currently implemented, with the level of vetting that's >>>actually done by commercial CAs in practice, are more of an extortion >>>racket than a security measure. >> >> I have to agree on that. But a Startcom Certificate on a personal web >> site is one web site more that doesn't train users to blindly click >> away certificate warnings. A cacert certificate or a self-signed >> certificate on a personal web site is one web site more that does that >> kind of training. > >Do you really think that the content on a Startcom certificated site is >more likely to be trustworthy than an CAcert certificated site?
No. I have nothing to add to Paul's explanation. Greetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834 -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1wv5s4-0004ic...@swivel.zugschlus.de