[Grants] Inquiry regarding a possible application from CAcert

Jonathan Woithe jwoithe at just42.net
Tue Oct 23 14:52:37 AEDT 2018


On Tue, Oct 23, 2018 at 12:39:19PM +1100, Linux Australia President wrote:
> The main question I'd have here, with no offence or disrespect intended, is
> whether CAcert as an organisation still has relevance given the rise of
> Let's Encrypt, which is also open source. While CAcert has in the past
> provided a very valuable service, the need for a self-signed cert now that
> LE is available is less present.

This is a valid question.  However, while there is some overlap between the
two organisations in the area of HTTPS certificates, CAcert does provide a
service which LE does not: the provision of certificates formally validated
against individuals rather than domain names.  Such certificates are useful
when digitally signing files, and so on.  To obtain an LE certificate one
must have a domain name and a working web server for that domain.  To be
issued with a CAcert you only need yourself and a sufficient level of trust
within the web of trust.  Not everyone has access to the former, but the
latter is possible for almost anyone.

> Does CAcert in Australia or internationally have a strategic plan we could
> look at?
> 
> That would allow us to get a clearer picture of where the organisation is
> going ...

Agreed.

Regards
  jonathan



More information about the Grants mailing list