FYI, the Nokia 770 Internet tablet comes with CAcert's root certificate pre-installed in its Opera browser. It's the first commercial consumer product that I've seen that does that.
Posted by Andreas Ehn at March 4, 2006 06:39 AMthe Nokia 770, at least mine (original nokia firmware) just doesn't warn on a "not secure site" status. I could load
http://financialcryptography.com, https://financialcryptography.com and https://www.financialcryptography.com without any difference in display, except the little lock on the addressbar (which presumably replaces the display of the protocol).
but positive news is that my safari only complains when I open the site with the https://www prefix. Leaving out the www works now fine with this certificate and the root certificate of cacert in my mac keychain.
Posted by Matthias Subik at March 5, 2006 07:37 AMHa! OK the way the cert is structured is that the CN == financialcryptograph.com and the altSNs include that as well as the www.fc ... and other names.
So, what you could do is to also browse over to https://koalagold.com/ and to https://www.koalagold.com/ which are in the same cert as altSubjectNames. This is all according to the vHostsTaskForce recommendations.
Posted by iang at March 5, 2006 08:51 AM