Return-Path: 
 <river-dev-return-4841-apmail-incubator-river-dev-archive=incubator.apache.org@incubator.apache.org>
Delivered-To: apmail-incubator-river-dev-archive@minotaur.apache.org
Received: (qmail 86441 invoked from network); 12 Oct 2010 13:47:25 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 12 Oct 2010 13:47:25 -0000
Received: (qmail 21405 invoked by uid 500); 12 Oct 2010 13:47:25 -0000
Delivered-To: apmail-incubator-river-dev-archive@incubator.apache.org
Received: (qmail 21252 invoked by uid 500); 12 Oct 2010 13:47:22 -0000
Mailing-List: contact river-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:river-dev-help@incubator.apache.org>
List-Unsubscribe: <mailto:river-dev-unsubscribe@incubator.apache.org>
List-Post: <mailto:river-dev@incubator.apache.org>
List-Id: <river-dev.incubator.apache.org>
Reply-To: river-dev@incubator.apache.org
Delivered-To: mailing list river-dev@incubator.apache.org
Received: (qmail 21244 invoked by uid 99); 12 Oct 2010 13:47:21 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 12 Oct 2010 13:47:21 +0000
X-ASF-Spam-Status: No, hits=0.7 required=10.0
	tests=SPF_NEUTRAL
X-Spam-Check-By: apache.org
Received-SPF: neutral (athena.apache.org: local policy)
Received: from [83.163.196.105] (HELO nyx.xs4all.nl) (83.163.196.105)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 12 Oct 2010 13:47:15 +0000
Received: from macmini.qcg.lan ([192.168.99.5])
	by nyx.xs4all.nl with esmtp (Exim 4.71)
	(envelope-from <sim@qcg.nl>)
	id 1P5fBu-0006tu-BS
	for river-dev@incubator.apache.org; Tue, 12 Oct 2010 15:46:54 +0200
Message-ID: <4CB466CE.9060404@qcg.nl>
Date: Tue, 12 Oct 2010 15:46:54 +0200
From: Sim IJskes - QCG <sim@qcg.nl>
Organization: Quality Consultancy Group b.v.
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;
 rv:1.9.1.12) Gecko/20100915 Thunderbird/3.0.8
MIME-Version: 1.0
To: river-dev@incubator.apache.org
Subject: liberate the CA
References: <4C9DB5BF.8090307@zeus.net.au>
 <201010121457.40382.michal.kleczek@xpro.biz> <4CB45D7B.3030103@qcg.nl>
 <201010121539.52514.michal.kleczek@xpro.biz>
In-Reply-To: <201010121539.52514.michal.kleczek@xpro.biz>
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit

On 10/12/2010 03:39 PM, Michal Kleczek wrote:
> But make it simpler - you have a TLS certificate but you don't have code
> signing certificate (you know - it is much more expensive).

If you haven't got it, create it, or ask you own CA for it. But don't 
fall in the trap of https-pki = security. I would like much more freedom 
in creating certificates,

Gr. Sim