[Psi-devel] OT: CACert included in Kubuntu?
Justin Karneges
justin-psi2 at affinix.com
Tue Nov 28 09:19:08 PST 2006
Hi folks,
Offtopic here but I wanted to see if anyone could confirm this. I noticed
today that jabber.ru, signed by CACert, was validating with QCA on my Kubuntu
system. I don't believe I ever installed CACert as a root authority.
In fact, it is cert #1 in the systemstore:
$ qcatool --list-keystore sys | grep "CA Cert"
Cert 1 [CA Cert Signing Authority]
$ qcatool --showcert sys:1
Serial Number: 0
Subject
Name: CA Cert Signing Authority
Organization: Root CA
Organizational Unit: http://www.cacert.org
...
I find this a bit concerning. CA Cert might be great, but even Mozilla has
not accepted them as far as I know. I'm not sure how Kubuntu can justify
this, when I doubt they have nearly the security policies as Mozilla.
This is probably also true for plain Ubuntu, but I haven't confirmed.
-Justin
More information about the psi-devel
mailing list