[Enigmail] Setting trust levels for unknown keys
Ayush Sharma
85.ayush2 at gmail.com
Wed Apr 29 14:42:05 PDT 2009
Hi Robert and everyone else!,
Robert J. Hansen wrote:
> Faramir wrote:
>>
<snip>
> Their policies and procedures are one thing -- but how do you know that
> the policies and procedures they list are the same as what they actually
> _do_?
>
I have absolutely no idea about this stuff Robert (or shall I use Mr.
Hansen?), but just asking, shouldn't CACert go through some kind of
"stringent" (LOL) tests to ensure that it doesn't goof up down the road,
something like it does "what it should" with a success rate more than
some threshold limit, before it gets recognized by browsers as a
trustworthy Root CA by default (and I guess that's why it's NOT accepted
to date by firefox), while Thawte is.
> When I'm teaching software engineering, I present the students with a
> hypothetical question involving a database system that's written
> entirely in RavenSPARK,
Makes me remember an interesting anecdote that I will share later. ;)
>
> There is no substitute for direct on-the-ground knowledge. If you're
> cool with trusting CAcert without this, that's your call to make: but I
> don't think impressive documentation, by itself, inspires much confidence.
words are dime a dozen, eh ;)
Warm Regards to everyone, and wish everybody's cities are blessed with a
s good a weather that we have here,
-Ayush
More information about the Enigmail
mailing list