[Bug 474549] Review Request: ca-cacert.org - CAcert.org CA root certificates
bugzilla at redhat.com
bugzilla at redhat.com
Fri Nov 4 13:57:02 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=474549
--- Comment #57 from Iang <iang at iang.org> 2011-11-04 09:56:59 EDT ---
Look beyond the labels for a moment, and look at the actions.
* you can use the certificates to complete your connections.
* you have to conduct your own due diligence ("validate").
* you cannot (expect to?) pin any bad effects on the CA.
* you may have heard that the CA has done a good job at the claims. Super!
* you may not base your decision on the claims.
* you may proceed with any transaction you see fit.
All of those are true for CAcert. They are true for other CAs (more or less,
for this discussion, I'll assume it, as it is a job of work to show it or
otherwise.)
Now back to the labels. That's what we call USE. That's what other CAs call
reliance.
What is it that you are missing?
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list