Re: uses an invalid security certificate

From: "Thijs Kinkhorst" <thijs(at)debian(dot)org>
To: spi-general(at)lists(dot)spi-inc(dot)org
Subject: Re: uses an invalid security certificate
Date: 2014-02-28 08:42:29
Views: Raw Message | Whole Thread | Download mbox
Lists: spi-general

On Thu, February 27, 2014 18:37, Jimmy Kaplowitz wrote:
> You may ask why SPI hasn't signed up for one of the commercial options.
> Turns out there really isn't a good one. Some examples: purchasing an
> official intermediate CA would be expensive and we're smaller than the
> vendors typically intend; Debian needs to run its own sub-CA for its
> system administrative needs; the free SSL certificate options like
> StartSSL are not compatible with teams like Debian which justifiably
> need a sysadmin team associated with the account instead of an individual;
> etc. All of this is in addition to the very small nature of the trust
> benefit of commercial CAs over what we have now.

Since Debian is in the process of replacing its SSL certificates by ones
supplied by Gandi (that are recognised by all major browsers), it seems
like this could be a good option for SPI aswell.


Browse spi-general by date

  From Date Subject
Next Message Jeremy Baron 2014-03-02 17:02:03 Re: uses an invalid security certificate
Previous Message Jimmy Kaplowitz 2014-02-27 23:52:34 Re: uses an invalid security certificate