[Noisebridge-discuss] New SSL key for noisebridge
Asheesh Laroia
noisebridge at asheesh.org
Thu Jan 29 03:08:21 UTC 2009
On Wed, 28 Jan 2009, Al Billings wrote:
> Someone should actually convince these people to go through the process
> of getting in Firefox's trust set of CAs.
They've been trying.
For years.
When they asked first, Mozilla suddenly realized: "We don't have a
policy."
Then for years nothing happened. Recently, the calendar year just changed
to 2009.
Yippee.
http://wiki.cacert.org/wiki/InclusionStatus discusses their process for
various systems, and now for the Mozilla bug
https://bugzilla.mozilla.org/show_bug.cgi?id=215243 it's blocking on some
audit procedure.
It's a good thing that audit procedure was done to the existing CAs to
avoid embarrassing attacks based on hash algorithms known as weak for
years.
-- Asheesh.
P.S. If you can't tell, I find this Mozilla/CACert story very frustrating.
--
You will gain money by a speculation or lottery.
More information about the Noisebridge-discuss
mailing list