Hi,
warms0x wrote (03 May 2015 17:42:48 GMT) :
> What would it take to have Tails incorporate CACert into the trust
> chain?
I personally don't think the Tails project should enter the CA
evaluation game.
> Would this be something to talk to the Tor Browser, or upstream
> Debian maintainers about instead?
Tor Browser uses the set of CAs provided by Mozilla. Tor Browser
developers have stated a few times that they don't fancy entering the
CA evaluation game either.
FTR, Debian used to add CACert to NSS and to the ca-certificates
bundle, but dropped it:
https://bugs.debian.org/718434
https://bugs.debian.org/731463
Cheers,
--
intrigeri