Andrew Savchenko, 09.03.2012 15:51: > On Fri, 09 Mar 2012 15:31:53 +0100 Alexander Kriegisch wrote: >> Maybe it would be a good idea to either use a commercial >> certificate or, if that is too expensive, continue using the >> self-signed one, but only to log in and after you are logged in. > > Commercial certificate is not necessary, CACert certificates are > acknowledged by any sane browser and may be obtained for free after > registration.
One more comment about this statement, because it surprised me and I just got around to testing it today. The result is as it always was: no browser I tested (current release versions of Chrome, FF, Opera, IE) trusts the CAcert root certificate, every single one shows a warning. Anything else would have been a surprise to me. Getting automatic trust on such certificates would be a security nightmare. Even with WOT notaries it is not much better. _______________________________________________ mc-devel mailing list http://mail.gnome.org/mailman/listinfo/mc-devel
