I did a similar thing except that I told them I was installing Ubuntu. Told my dad what program was for what, haven't heard a word. My mom had been using Ubuntu for about a year or so before that.
I'm fortunate enough to have a dad that's so inept with computers that he hasn't had a virus.
There's only one problem left but I can't fix that untill I go home.
The purpose of only trusting root CAs like VeriSign is the trust that the CA did the verification work. Obviously, in practice, it doesn't work out that way.
In theory, trusting an issuer like CAcert by default defeats the purpose of the system. The system is setup so that the CA verifies the identity of the person purchasing the cert(in theory) before issuing the cert. CAcert doesn't do that for the most part(unless you participate in the Web of Trust for which the nearest Assurer or Trusted Third Party may be quite distant and therefore unavailable).
In theory, including CAcert and other CAs like it would be a huge mistake. In practice, it would be a good idea because from what I hear, VeriSign does as much verification as CAcert sometimes so why not include CAcert?
Slashdot Mirror
I did a similar thing except that I told them I was installing Ubuntu. Told my dad what program was for what, haven't heard a word. My mom had been using Ubuntu for about a year or so before that. I'm fortunate enough to have a dad that's so inept with computers that he hasn't had a virus. There's only one problem left but I can't fix that untill I go home.
The purpose of only trusting root CAs like VeriSign is the trust that the CA did the verification work. Obviously, in practice, it doesn't work out that way. In theory, trusting an issuer like CAcert by default defeats the purpose of the system. The system is setup so that the CA verifies the identity of the person purchasing the cert(in theory) before issuing the cert. CAcert doesn't do that for the most part(unless you participate in the Web of Trust for which the nearest Assurer or Trusted Third Party may be quite distant and therefore unavailable). In theory, including CAcert and other CAs like it would be a huge mistake. In practice, it would be a good idea because from what I hear, VeriSign does as much verification as CAcert sometimes so why not include CAcert?
Four words: tiered internet is bullshit