[Bug 474549] Review Request: ca-cacert.org - CAcert.org CA root certificates
bugzilla at redhat.com
bugzilla at redhat.com
Wed Nov 2 09:25:16 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=474549
--- Comment #50 from Iang <iang at iang.org> 2011-11-02 05:25:12 EDT ---
A couple of additional caveats:
1. Startcom is a different kettle of fish. It doesn't have an RPA (last I
looked) and doesn't follow the normal CA contractual pattern. Because it
doesn't have a defined agreement and instead relies on its CPS, it is much
harder to interpret in legal terms. It is better to familiarise with the
Verisign standard RPA approach first, and then branch out.
2. Please also note that it is your responsibility to agree to the RPAs and
understand them, as and when you use certificates. As professionals, we are
limited in what we can say about brother CAs. Obviously, this absence of
inspection can be be used against you, and has been used against you in this
case, because you believed you could rely under your own definitions.
That is indeed why we are the blatant ones.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list