[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-help-public] [sr #106651] Savannah should use CAcert.org-signe
|
From: |
Reed Loden |
|
Subject: |
[Savannah-help-public] [sr #106651] Savannah should use CAcert.org-signed SSL certificates |
|
Date: |
Wed, 18 Mar 2009 00:15:38 +0000 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2a1pre) Gecko/20090310 Minefield/3.2a1pre |
Follow-up Comment #9, sr #106651 (project administration):
> I think there was just a misunderstanding about CAcert.org, and
> there's no new argument in the discussion, so I'll close the
> request.
There is no misunderstanding on my part at all. Karl and I both are stating
exactly what we mean. CAcert is insecure, and there are facts on both
CAcert.org as well as other sites to prove it. I'm on vacation this week (and
away from my main computer), so I don't have the time or resources to mention
even more details, but I'll comment again next week with some info.
I will again request that you fix the summary of this SR, as well as reopen
it pending an actual resolution.
Again, why can't you just use the certificates the FSF has already purchased?
They are from a reputable CA and are accepted by all major browsers. We
shouldn't be teaching users to ignore SSL error messages from their browsers
just to access Savannah. Also, it hurts Savannah by forcing users to accept
such certificates in order to log in.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?106651>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/