Hi,
fist of all CACert is total crap. They have been removed from the linux
distributions they were (falsely) included in and no browser ever
trusted them because they can't seem to pass the security audits. I
realize this comment will probably cause me a lot of ranting but it has
to be said that
Hi Kristian,
A misissued cert could still be used if attacker is persistent enough. Either
through dns poision or other attack vectors.
And yes, I only issue certs to servers I recognize to have been in the pool for
a while and operator should be in the openpgp wot strong-set.
Maybe it's wis
Hi,
various regional pools. It seems that the NA and OC pools quite often
contain hosts that are in Europe. This could be because physical
geography and internet routing are two very different things but I think
more likely it is because the system(s) that are being used to measure
server perf