[ILUG] CACert.org

Tue Feb 7 12:40:18 GMT 2006

On Tue, Feb 07, 2006 at 09:44:34AM GMT, Colm MacCarthaigh 
<colm at stdlib.net> incoherently babbled:

> It does what it says on the tin, will probably never get into the
> distributed list of certs in major browsers, but still marginally better
> than a self-signed cert. There are a few assurers now in Ireland, and
> we'll all be happy to assure you in person.

That's true. I don't expect their root certificate in any of the major
browsers or operating systems for that matter.

I find it handy to have a common CA for my SSL certs, which I didn't
have to go and create from scratch, my keychains don't complain as much.
I wouldn't use a CAcert signed cert for online transactions or anything,
but for basic ssl for passwords, I'm happy to use it.

You should bear in mind, with a CAcert signed cert, you lose all defined
O, OU, etc details except for your hostname. You can get most of them
back, if you get organisation assurance. I just got it over the weekend, 
so it's something for me to test drive. :)  

-- 

Conall O'Brien

http://www.conall.net

GPG Key: http://www.conall.net/gpg/

Tussman's Law:

        Nothing is as inevitable as a mistake whose time has come.