Subject: Deutschsprachige CAcert Support Liste
List archive
- From: Dominik George <dominik.george AT cacert.org>
- To: Ian G <iang AT cacert.org>
- Cc: <cacert AT lists.cacert.org>, <cacert-de AT lists.cacert.org>
- Subject: Re: Talking about CAs
- Date: Sat, 20 Mar 2010 08:57:56 +0000
- Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT cacert.org; dkim-asp=none
- Organization: CAcert Inc.
Hi Ian,
hi list,
this criticism is a very good point, so I hereby admit a bad mistake from
my side in terms of communication.
I did not think this far because it was only a comment within a whole
thread about StartSSL started by someone else, so probably there was a lack
of thinking from my side.
Regards,
Nik
On Sat, 20 Mar 2010 11:53:11 +1100, Ian G
<iang AT cacert.org>
wrote:
> On 19/03/2010 18:27, Dominik George wrote:
>> Hi lists,
>>
>> a few days ago, I stated that S... was generating private keys
>> server-side. This news was published by Heise and not verified well
>> enough
>> by me (however, it looked as though they did it, because that stupid
>> WebKit
>> browser which must not be named did not look like being busy).
>
>
> Dominik, it's really not good to comment on the activities of other CAs.
> Especially to the press. You have to be very careful. It is best not
> to name the CA, and it is best to talk in terms of features that we have.
>
> For example, you could say that we have an ability to deal with failures
> of reliance by members that is documented and reasonable; you could say
> that other CAs have less capability in this area. Mention no names ;)
>
> Talking about whether one CA does something or other with its keys is
> really too far. Specifically, the CPS of that CA may permit it, and
> unless you're an expert in that, you won't be able to prove your point.
> Secondly, it doesn't matter at all in the big picture what they are
> doing, only what we do matters. Thirdly, and following on from the
> earlier points, the other CA is in a much better position to make you
> look like you're wrong and just spreading poison.
>
> For this reason, we don't mention the other CAs much in doco or on the
> maillists or elsewhere. If we allude to them for practical reasons, we
> have to be very careful to be neutral about them.
>
> You will notice that all professional CAs work this way. They never
> mention the competition. It's been that way in professional IT since
> IBM trod that path in the 1970s.
>
>
>
> iang
>
>
> PS: we should probably add this to the Communications guidelines.
- Lie about StartSSL, Dominik George, 03/19/2010
- Re: Lie about StartSSL, Michael Tänzer, 03/20/2010
- Talking about CAs, Ian G, 03/20/2010
- Re: Talking about CAs, Dominik George, 03/20/2010
Archive powered by MHonArc 2.6.16.