On Sat, Sep 18, 2004 at 04:47:46PM -0600, Gunnar Wolf wrote: > what we do. Debian is about Free Software, not about the services > around it. You need an SSL certificate to make Free software almost usable. Free software as an SMTP relay with a clear auth is stupid. > Besides, setting up a CA is in the first place a huge responsability > (as we would really need to check you are not using fake documents, we > would need to have personal contact, etc.), and in the second place it However, let me point out again that SPI and CACERTS.org already run a CA. With the latter clearly willing to hand them out for free. And of course, most good Debian users have actually bothered to build up a "web of trust". Why not use it? > are not in the CA business. If I really want a certificate, I can get > it from a CA. Even if it were signed by the Debian project, relatively The CAs currently in Debian (please take a look in /etc/ssl/certs) charge something like 200USD a year. This is prohibitive.
Description: Digital signature