Why not use digital certificates provided by CACert. They are free, and have high levels of assurity, as opposed to a CAs like Verisign that have little to no assurity, and charge a ransom.
Gervase Markham wrote: > Jean-Marc Desperrier wrote: >> I agree. *Therefore* Mozilla.org need to have it's own code signing >> authority, and only accept code signed by it. You have all the >> competence needed on this group to help you set it up. > > Where in this group is there competence and experience in worldwide > identity vetting and validation? > > My definition of a "sucky" code signing cert is one in which the > information inside about the owner of the cert isn't accurate. > > Gerv > _______________________________________________ > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
