Carlos E. R. schrieb:
But according to what the mozilla people say, there are no degrees of certification because PKI doesn't allow it.
Well, there is a difference between normal and extended verification (EV) certs. The latter need an even more thorough audit and a tighter certification process where the CA verifies the actual identity and not just domain ownership like they do for normal certs. Note that the criteria for CAs and their audits are all laid down in https://www.mozilla.org/en-US/about/governance/policies/security-group/certs... and CACert was to date not able to conclude an independent audit (they started it but never finished) as required by the policy, esp. it's "Applying for Inclusion..." part. KaiRo -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org