On 01/09/2009 01:12 AM, Ben Bucksch:
Well, is it than an endorsement for self-signed certs?
It's not an *endorsement*, but making it possible to use them without
fat warning
Which is exactly the same thing...
For me, the more important part is *continuity*. For me, it's important
that the key stays the same (or signs the new key) and I don't have to
re-establish trust relationships all the time (via CAs).
Isn't that bad practice? I mean, the longer a key is used the better the
chances of getting compromised, isn't it?
It feel rather annoyed if I'd have to confirm every new cert encountered.
Please read the bug before commenting, thanks.
I did, I know this bug from long time ago. Perhaps help me understand
what I'm apparently missing here.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
