[AusNOG] Lets Encrypt
Matt Palmer
mpalmer at hezmatt.org
Wed Nov 19 14:59:42 EST 2014
On Wed, Nov 19, 2014 at 12:03:48PM +1000, Colin Stubbs wrote:
> Correct. They shouldn't be in any trusted bundles because cacert.org does
> absolutely nothing to validate anything more than the ability to read an
> email.
To be fair, for DV certs, most other CAs only validate your ability to read
an e-mail *and* your credit card number. CAcert's problem is that they
can't rustle up $100k/year to have an accountant say, "yes, you're
validating people's ability to read an e-mail in accordance with your
written procedures".
- Matt
More information about the AusNOG
mailing list