Roughly, it farms out criteria for a CA to WebTrust. There may be some product
liability concerns around this.
Some here have called for CAcert's cert to ship in a disabled fashioned 'if only
there was a gui to enable it'. It's there, in Firefox anyway.
Prefs...Advanced...Certs..Manage Certs...Authorities...Edit.
Also, I filed bug 276827 for removal of the one-click root-cert install to help
with phishing/MIM attacks.
Folks here may be interested in the candidate CA policy that's been posted:
http:// www.hecker. org/mozilla/ ca-certificate- policy
Roughly, it farms out criteria for a CA to WebTrust. There may be some product
liability concerns around this.
Some here have called for CAcert's cert to ship in a disabled fashioned 'if only .Advanced. ..Certs. .Manage Certs.. .Authorities. ..Edit.
there was a gui to enable it'. It's there, in Firefox anyway.
Prefs..
Also, I filed bug 276827 for removal of the one-click root-cert install to help
with phishing/MIM attacks.