[ntp:questions] Is there something with greater detail on "interface" besides the manpage?
david at ex.djwhome.demon.invalid
Wed Nov 20 22:03:04 UTC 2013
On 20/11/13 03:34, Harlan Stenn wrote:
> We use certificates generated and signed by CAcert.org . Their class 1
> and class 3 certificates are not included by default in many places yet.
> You probably just need to install these certificates:
Only after clearing it with your IT department. Whilst CACert may well
be less risky than some of the more obscure ones trusted by Windows,
more security conscious IT departments may well disable many of the
default Windows ones.
> I thought there was a note to this effect on the website but I'm not
> finding that now.
Telling people to reduce security without explaining the security
implications is a bad idea. Most end users will go for convenience,
rather than make a proper, informed, decision. (Every new root
certificate increases the number of sites you trust and therefore
reduces your security.)
More information about the questions