> -----Original Message----- > From: news [mailto:[EMAIL PROTECTED] On Behalf Of NoOp > Sent: Wednesday, April 18, 2007 3:02 AM > > However, the problem, as I see it, would be that every mirror > would then also require a CA.
We need to sign our code, not validate the server providing download, so mirrors do not need certs (in the same way as Firefox and Thunderbird installers are signed). --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
