Bug#309564: mozilla-firefox: Please include CAcert.org certificate

Mike Hommey mh at glandium.org
Sun Jul 13 11:44:18 UTC 2008


On Sun, Jul 13, 2008 at 11:17:59AM +0000, Sam Morris wrote:
> Note that Epiphany users cannot opt out of using the CACert certificate
> because their certificate manager is broken.
> 
> Do we *really* want to diverge from upstream here? I know CACert is a
> great idea in theory, but Mozilla upstream has not added the certificate
> and they have a long list of good reasons for doing so. Especially with
> our recent security record in mind, we should think long and hard before
> diverging from upstream in cases like this!

The fact is, anything that is not using nss, which is roughly anything
but mozilla products, already know CACert. That even includes webkit.

Also note that the dialog to opt-out certificates *does* work in
Epiphany.

Mike





More information about the pkg-mozilla-maintainers mailing list