Hello Karl, Thank you for going through all the background on this.
CAcert does look a long way out of reach.If it's not about the money, is it just that you don't want to pay something for a centralised system? If that is the case, why do you use DNS, or any other system you have to pay for.
most other FS groups have authorised SSL certs, e.g.: https://addons.mozilla.org/
https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page https://launchpad.net/ https://slashdot.org/ Best regards, Jon
