© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Guys, you're all doing this wrong!
There are two things required here:
1: It should be possible for end users to easily add a arbitrary certificate
authority to their setup.
2: Mozilla's certificate table should include a "use me" flag.
Then ship CAcert with that flag off until you've decided how much to trust
their validation proedures etc.
Allow users to toggle the flag.
Probably still check against the unflagged cert auths and raise a dialogue
saying "this cert signed by known but not trusted-by-default auth:
use this time, trust the auth, etc?"
In this way the users get some choice, you retain control of indicating whether
_you_ trust the various auths, etc. Everybody wins!