[TriLUG] CAcert meeting -- how to prepare
Cristóbal Palmer
cmp at cmpalmer.org
Mon Feb 9 17:23:16 EST 2009
On Mon, Feb 9, 2009 at 4:59 PM, Lee Fickenscher <elfick at gmail.com> wrote:
> Is it a bad idea to add CACert's root certificate to your system? I assume
> that this is what the push is for anyway, but is it safe/smart to do so now?
What would be an attack against you that would leverage your having
accepted it? Do you check who the CA is when you hit a site with https
and there is no error (eg. a new-to-you vendor with a web "shopping
cart")?
Cheers,
--
Cristóbal M. Palmer
"The fun thing is to try to persuade others to share your opinions
about what rules and what sucks. Nothing is more fun than evangelism."
--Larry Wall
More information about the TriLUG
mailing list