I've just noticed that cacert.org certificates was removed from "ca-certificates" a month ago. From changelog : * No longer ship cacert.org certificates. Closes: #718434, LP: #1258286 I'm disappointed by this decision and from #718434 I don't get a clear picture what is wrong with cacert.org. For years we were shipping their certificates and IMHO there should be a damn good reason to stop doing so. I wish maintainer would state the reason for removal in cahngelog. Is situation with cacert.org certificates dramatically worsened lately? Any security flaws were discovered? What we're gaining from dropping their certificates? Did we notify cacert.org about our intentions to drop their certificates? What were their comments? Did they provide time frame to address our concerns? Cacert.org web of trust model is very similar to ours. To me it is essentially more trustworthy than what for-profit CAs offer. Cacert.org (as the only non-profit community managed CA) needs our support. How dropping cacert.org certificates is going to benefit our communities? The following comment highlight some benefits of providing cacert.org certificates: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718434#209 I want cacert.org certificates to raise no warning in browsers. This way we can encourage use of cacert.org certificates as alternative to self-signed certificates and therefore promote the use of HTTPS. Users are supposed to check certificate properties for encrypted connections if/when they want to check certificate authenticity. I think dropping cacert.org did more harm than good. Perhaps it's better to promote packages like "xul-ext-certificatepatrol" rather than punish cacert? After all I'm sure cacert.org team is doing their best just like we all do in Debian. : http://metadata.ftp-master.debian.org/changelogs/main/c/ca-certificates/unstable_changelog -- Cheers, Dmitry Smirnov GPG key : 4096R/53968D1B --- The most fatal blow to progress is slavery of the intellect. The most sacred right of humanity is the right to think, and next to the right to think is the right to express that thought without fear. -- Helen H. Gardner, "Men, Women and Gods"
Description: This is a digitally signed message part.