Andreas Jellinghaus wrote: ... > the more important questions is: but why do we need an official ssl > certificate at all? there is no user information on opensc-project.org, > all we use ssl for is the developer write access to the svn repository > (and the login with trac and awstats and munin - but those are not > very important).
I agree that a ssl protection for out websites isn't extremly important at the moment (at for those who insist on a ssl connection our self-signed certificate should be sufficient). Much more interesting IMHO would be sign the official releases or at least sign the announcement mails (containing a fingerprint of the latest tarballs). Nils _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel