[lug] CaCert
Andrew Diederich
andrewdied at gmail.com
Mon Aug 27 16:15:04 MDT 2007
On 8/27/07, dio2002 at indra.com <dio2002 at indra.com> wrote:
>
> > Not quite. The CACert root certificate is not in all browsers. Many
> > Linux distro's add it to Firefox and such, but it is not included in
> > Firefox to begin with, there is a process that CACert is going through
> > to get into Mozilla/Firefox.
>
> so is there any real benefit to cacert versus just signing my own
> certificate? It looks like the popoup is going to come either way. If i
> sign my own cert and set the common name to my domain, i imagine the certs
> aren't going to look that different from the user perspective nor will the
> user experience be that much different?
In theory, the user would see that it was signed by a third party,
check out the website, and add CAcert to the trusted list. Or, they'd
use a linux distro that includes the CAcert root certs.
I've used CAcert server certs internally at a couple companies, and
for S/MIME at one, too. I could centrally manage certificates that
way. At this point I wouldn't use it for external uses where I'd run
into non-technical users, or for any sort of payment (stores).
--
Andrew Diederich
More information about the LUG
mailing list