On Fri, Oct 16, 2009 at 04:47:55AM -0400, Richard Stallman wrote: > I did not notice that message from Karl before, but now that I see it, > I think we should get another certification for Savannah if it is feasible. > > Matt, is it feasible? > > It seems that what CACERT needs is not support from people like us, > but rather to clean up its own act first. If CACERT someday gets > accepted by Mozilla, then we could reconsider the question of how to > support it,
I rather think that the Mozilla decision is blindly based on a more widespread $75000 audit from Webtrust, which CAcert cannot afford. The independant audit requested them to make changes that were not required from other certification providers. Basing our decision on Mozilla's is as blind as them. Using CAcert is important, it contributed to having it included in IceCat for example. Besides, if nobody uses CAcert we can be sure that their effort won't go anywhere. And just because Mozilla is showing a warning to users doesn't mean we have to abide: they is also a warning that we should install Adobe Flash after a first install, and hopefully we won't be similarly influenced. -- Sylvain
