[ntp:questions] Is there something with greater detail on "interface" besides the manpage?

David Woolley david at ex.djwhome.demon.invalid
Wed Nov 20 22:03:04 UTC 2013

On 20/11/13 03:34, Harlan Stenn wrote:

> We use certificates generated and signed by CAcert.org .  Their class 1
> and class 3 certificates are not included by default in many places yet.
> You probably just need to install these certificates:
>   https://www.cacert.org/index.php?id=3

Only after clearing it with your IT department.  Whilst CACert may well 
be less risky than some of the more obscure ones trusted by Windows, 
more security conscious IT departments may well disable many of the 
default Windows ones.

> I thought there was a note to this effect on the website but I'm not
> finding that now.

Telling people to reduce security without explaining the security 
implications is a bad idea.  Most end users will go for convenience, 
rather than make a proper, informed, decision.  (Every new root 
certificate increases the number of sites you trust and therefore 
reduces your security.)

More information about the questions mailing list