It seems that every time I go on this blog, there’s some kind of security warning. “This website’s certificate is not trusted.” Yet, Darren insists that he knows the president of CaCert and that it’s CaCert’s fault for making crappy certificates.
Oh well, I hope this website isn’t phishing for my personal information.
And hopefully this security dilemma is solved before anything bad happens.
Actually it’s because we are a nonprofit and are looking for funding for an audit so that we can get included in the browsers. We are not “making crappy certificates”.
And yes, I am the former President of CAcert. I am now just a regular board member.
Nick
You obviously don’t understand SSL. SSL takes any old certificate, sends it to the browser. The problem is that CAcert doesn’t have their root certificate included with Firefox or such. There is no difference between say a SSL certificate that I buy from say, VeriSign (and dump tons of money into it) or one I get for FREE with unlimited domains covered per certificate, and wildcards domains (*.theoks.net, etc.).
CAcert makes great certificates at full 256-bit encryption, and I will continue to use CAcert for my SSL, no matter how you complain.
hmmm… then I guess I heard you wrong. It must be Firefox’s fault for not recognizing CaCert’s security certificate.
At any rate, someone messed up and this is why it’s happening.
Nobody messed up, CAcert is relatively new to the field, and their root certificate will be included after they complete a security audit.
how long has CaCERT been around?