From: Simon J. Gerraty (sjgcrufty.net)
Date: Thu May 13 2004 - 23:59:52 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>we can also probably (though i've not checked) coerce the nbwww key
>into signing the "NetBSD CA" key, thereby establishing a line (note,
>not a web) of trust back to one of the "globally recognized CAs".

Very unlikely, a cert from veri$ign etc that would allow you to do that
would cost a lot more than a simple host cert, and there's very little
benefit to us in doing that. The "globally recognized CAs" are only
useful to browsers - because most users do not want to think about
deciding whom to trust.

Thanks
--sjg

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]