On Dec 20, 2008, at 1:54 PM, Karanbir Singh wrote:
David Hrbáč wrote:
Well, I guess there's no need to create special site to distribute Centos root certificates. We can distribute them via www.centos.org. What we really need is to create own CA. Having projects.centos.org secured via selfsigned cert is not good idea. If there's no one to pick up, I can handle.
I'd be most interested in finding out why you think a self signed cert is not a good idea, for something like projects.centos.org. Keep in context to whats on the other side of projects.centos.org and why its running on https in the first place.
Any particular reason (other than no round 'tuits) why a CAcert signed (rather than self-signed) should not be attempted instead?
Real world experience: my Mac OS X Leopard server is now CAcert'ed, the pain and drudgery were quite tolerable.
73 de Jeff