Comment 250 for bug 232340

Revision history for this message
David Ayers (ayers) wrote :

The important issue is not who Mozilla trusts, but who the user trusts.
The issue also doesn't solely apply to the class 1 root certificate but also to the class 3 server certificate used by mail servers.

There are a substantial set of users who use (often their own) mail servers that use certificates signed by CAcert class 3 certificate.

Any application should have easy was to add a CA which the user trusts, totally independent of the situation wrt CAcert, which is also a reason why I do not believe that reopening this particular bug is the right thing to do.

The correct thing would be to request an easy way for a user to manage her CA's for her applications.