Yay! Certificates are the latest hot topic. I had a discussion about this with a few people back at the RMLL because lots of users there were complaining about it. I have no strong opinion on this myself, but it strikes me that Mozilla could help here.

The worst problem is self-signed certificates, which are especially common in our free software world. People have commented that using CAcert should help, but as long as the CAcert root certificates are not installed by default with your browser, this won't help much. And it seems this is not going to happen (well, at least for Firefox) because of Mozilla's CA certificate policy. I guess other browsers have a similar policy, and the policy itself probably makes some sense.

So what can Mozilla do? Let's look at the Mozilla Manifesto (which seems to be offline at the moment -- but you can look at the archived version). The fourth principle is related to this issue and reads as Individuals' security on the Internet is fundamental and cannot be treated as optional.. And then in the Mozilla Foundation pledge, you can read use the Mozilla assets (intellectual property such as copyrights and trademarks, infrastructure, funds, and reputation) to keep the Internet an open platform. Can you see where I'm heading?

I believe the Mozilla Foundation could use some of its assets to be a certificate authority that operates in a compitable way with its own CA certificate policy. It would offer this service to non-commercial entities that respects some criteria. I'm not going to put a list of potential criteria here, but I guess many free software projects would qualify and would benefit of this. This would fix what Chris highlights in his post, ie, the fact that it affects the free software community more than others. And it would also help improve the user experience web, which is one of Mozilla's missions.

• Got positive feedbacks about our plans. We still need to write down things for people who are not at GUADEC (sorry that it feels like teasing to you). I'm not posting the slides yet since, well, they're pretty much useless without some text. Some people are worried that we're going to do something big that might destabilize GNOME: we're pretty aware of those kind of risks and that's relly not the plan. We will try to write all the details today or tomorrow, but it's hard to find free time for that during GUADEC.

• New plan for copyright assignment and licensing in evolution. Summary: no more copyright assignment, move to LGPLv2 and LGPLv3. I was far from being a fan of the copyright assignment requirement, so cool news.

• Matt Webb's keynote was good. Many interesting thoughts, and it was funny to see him recommend some kind of documentation for the various D-Bus APIs we have -- something I had in the back of my head: it will indeed encourage people to start playing with them. And doing new stuff.

• Had a discussion with Dimitris about how to organize the work on Transifex, and he sent his thoughts as a roadmap.

• Yet another meeting. With Lennart, Bastien, Jens and Marc-André about sound in GNOME. Productive, with action items.

• The boat party was great. Many thanks to Collabora for such a good time!

• We of course had the Ice Cream Deathmatch. So, it seems people thought it was all about speed, while really it's all about enjoying :-) On the other hand, Henri Bergius (if I remember well) is just not a human since he ate everything so quickly. But, well, his bio mentions Henri Bergius is a former Viking based in the Nordic country of Finland...

• A party on a boat is great. There can be some small issues, though. Like: when you don't hear that you have some limited time to go out of the boat before it does another round. We were quite a few people in this situation. Ooops :-)

• Chatted with Owen and Andreas. Result: we'll try to organize a hackfest. I love how starting to talk about something can lead to some really concrete idea.

• The gourmet restaurant tradition has been honored. GUADEC wouldn't be GUADEC without this.

• Lucas and I have been volunteered to do a lightning talk about GNOME Outreach Program: Accessibility. One of the things that people seem to not really know about this program is all the small tasks that are easy to complete. Everybody should at least take a look!

• To let people know that their lightning talk time was about to end, Behdad hacked some quick & dirty script that beeped quite loudly. Annoying. Amazing.

• Around 115 people attended the Foundation AGM. Went great -- we actually expecting tougher questions ;-)

• Federico knows how to do awesome demos during a keynote. Sure, he's cheating with non-live stuff, but still awesome!