[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "Certification Authorities are recommended to stop using MD5 altogether"

On mer, 2008-12-31 at 14:15 -0500, Micah Anderson wrote:
> Does anyone have a legitimate reason to trust any particular
> Certificate Authority? 

I may be wrong, but I trust the CAs in ca-certificates. I've followed
the add of French Gvt CA Certificates, and the procedure was enough
strict to give me this trust impression.

I would hope that other CA are checked to be trustworthy enough before
adding them to ca-certificates. Not sure if the same thing applies to
certificates in iceweasel or stuff like that, but at least in Debian we
(as “the maintainers”) have control over this.


Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: