Policy-Discussion

[Ian G <iang AT cacert.org>]

On 1/11/11 12:32 PM, Michael Tänzer wrote:
> Hi,
>
> On 31.10.2011 23:03, Lambert Hofstra wrote:
> > Well, it's a difficult concept... It's "free" as in "free beer" (you
> > don't have to pay for it) but not "free" as in "no obligations" (you
> > have to accept the CCA).
> >
> > The whole concept is to protect the community, so that it can stay
> > "free" (no cost involved) and still be of a certain value for the users.
> >
> > Imagine we provide the certificates for free, without any assurance.
> > Then you can distribute the root under GPL or whatever, because there is
> > no claim whatsoever. However, it would be of no value of the user.
> ... As
> far as I understand from my amateur view the "you may not rely" part is
> similar to this no warranty clause and the CCA poses this additional
> agreement that introduces reliance.

Yes, that's more or less it.  Other CAs are the same, they have Relying 
Party Agreements.

They just don't tell you that there is an absence of permission.  We 
wrote the policies to be non-deceptive.  So we have to tell people.  Is 
all...

> Also the certificate may be distributed even in modified form under
> certain conditions and these conditions might be where it gets
> complicated: They require the ones embedding the cert in their software
> to take "reasonable steps" to inform the user of the no warranty clause.

Indeed, earlier versions of RDL prohibited modifications.  This was 
dropped because in the spirit of GPL, we can actually benefit if people 
repackage the root cert into say OpenPGP form.


iang