[Cryptography] New free TLS CA coming

Ralph Holz ralph-cryptometzger at ralphholz.de
Fri Nov 21 11:40:03 EST 2014


> That was my immediate reaction as well.  CACert has been given the runaround
> for more than just four years, it's been more than a decade, and yet as soon
> as a Mozilla-sponsored CA turns up it's in.

I'm also wondering what it will be used for. It seems to be a kind of CA
that is simply meant to enable HTTPS everywhere - Domain Validation at
its purest, without claims going beyond what the BR rule.

> Perhaps someone from Mozilla would be able to explain what the difference is
> that gets Let's Encrypt immediate acceptance while CACert has been left out in
> the cold for more than a decade.

Reading what Ian Grigg had to say on that topic, and knowing someone who
was involved with them for a while, I feel hesitant about CACert, too,


More information about the cryptography mailing list