English | Italiano

Status

Traditionally vendors seeking to have their root certificates included in browsers (directly or via the underlying OS infrastructure like Safari via OS X's Keychain) would have to seek an expensive Webtrust audit (~$75,000 up-front plus ~$10,000 per year). While achievable for commercial CAs who typically charge per certificate year, this is typically out of the reach of non-profit organisations like CAcert.

CAcert's primary focus and largest challenge at present is to meet the fair but firm policy of Mozilla with a view to inclusion in their products, including the popular Firefox browser (see Mozilla bug 215243). To that end an Audit is underway (you can refer to the AuditToDo list for progress and our Certificate Policy Statement is being refined at CPS (many thanks to Christian Barmala's work on this topic and for everyone who has contributed to the shaping of these policies).

If you are unsatisfied with the rate of progress that is done you are welcome to HelpingCAcert the various teams by contributing your time for support, arbitration or software assessment.

Software

OS

Status

Category

Name

Version

Issue(s)

Owner

Comments

Included

OS

ArkLinux

2006.1

Stalled

OS

Debian

213086 718434

screenshot - not included in ca-certificates since march 2014

Included

OS

Privatix

Privatix is based on Debian GNU/Linux.

Included

OS

FreeWRT

1

Included

OS

Gentoo

93520

Included

OS

Knoppix

6.1

screenshot

Included

OS

Mandriva

2007.1/2008.1/2009.1/2010.0/cooker

23171 31567 34790

Included

OS

GRML

http://grml.org/screeni/cacert.png

Included

OS

MirOS BSD

changelog

Disabled

OS

Arch Linux

Mailing List posting. User created replacement package

Included

OS

OpenBSD

Included

Server

Openfire

XMPP chat server software includes class 1 & class 3 roots

Disabled

OS

CentOS

3, 4

announcement, version 5 question

Disabled

OS

Ubuntu

6.10

ca-certificates

BoF discussion Import from cacert.org.crt

Stalled

OS

Fedora

120280

Dependent on Mozilla inclusion per comment 2

Stalled

OS

FreeBSD

ca-roots ca_root_nss

The old ca-roots port (which included the CAcert certificate) was removed with the comment "Not supported by FreeBSD Security Officer anymore". The current certificate package (ca_root_nss) is a copy of the Mozilla certificate package and FreeBSD is therefore dependent on Mozilla inclusion

Requested

OS

Mac OS X

5585471

Policy requires WebTrust audit

Unknown

OS

Symbian OS

Unknown

OS

Fedora

-

474549

Review Request for the integration in Fedora is open

Contain

OS

openSUSE

openSUSE package ca-certificates-cacert contains CAcert root certificates. The user may install it; it is not automatically installed during installation procedure. ref.

Unknown

OS

Suse

Order: Status, Name

Browser, etc.

Status

Category

Name

Version

Issue(s)

Owner

Comments

Included

Browser

XeroBank

2.0.0.2a

Previously Torpark

Included

Device

Nokia 770/N800/N810 (not N900)

product page

Included

Package

MirPorts Framework

net/curl

Depends on CA bundle of MirOS BSD

Included

Package

MirPorts Framework

2.0.0.14-1

www/firesomething

(Firef*x) patched with MirOS BSD certificate bundle

Included

Server

Openfire

XMPP chat server software includes class 1 & class 3 roots

Stalled

Browser

Mozilla

215243

Includes Firefox, Thunderbird, etc. Awaiting audit to meet policy, we still have some work to do

Requested

Browser

Safari

5829965

Apple

Based on WebKit & uses OS X Keychain. Users can provide feedback via Safari->Report Bugs to Apple...

Order: Status, Name

Organisations

The following organisations (in alphabetical order) deploy CAcert roots to their end user workstations:

Country

Town/State

Organisation

Comments

Austria

Vienna

htl donaustadt
(Secondary Technical and Vocational College)

Class 1 & 3 root certificates deployed to servers and workstations for students, teachers & administration

Germany

Bad Schussenried

MSE-iT Software Development

Class 1 & 3 root certificates deployed to servers and workstations for employees and customers

Switzerland

Zurich

University of Applied Sciences and Arts (HGKZ)

Class 1 & 3 root certificates deployed to servers, terminal servers and workstations for students, lecturers & administration

Order: Country, Town, Organisation

Here you will find a list of assured Organisations


InclusionStatus (last edited 2014-04-28 20:47:38 by EtienneRuedin)