On Sat, Mar 13, 2010 at 04:28:21PM +0100, Hannes Magnusson wrote:
>
> Just install the root cert from http://www.cacert.org
Someone I trust regarding security issues said the following recently
about doing such:
I note that as of 2009-01-05 evidently CAcert began requiring not just
"can you get email" but any one of four other checks of identity as
well. Unfortunately, it doesn't look as if they retired their old
root CA at that time (an issue also raised by Ubuntu). What that
means is that trusting CAcert's root means trusting a lot of certs
out there that could trivially have been obtained under false
pretenses. Very bad.
--Dan
--
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
data intensive web and database programming
http://www.AnalysisAndSolutions.com/
4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
