P.N. wrote:
>I wonder, why cacert (http://www.cacert.org/) isn't installed
>as a certificates issuer - any problems with it?
>Can I trust it, or shouldn't I for some reason?

Starting last Summer, there has been quite a dust-up
over the way Gecko handles certs.

The Mozilla Foundation has caught Hell for it.
Mostly it's a lot of scaremongering on the part of the Gecko guys.

A number of the **pre-approved** CAs are steaming piles of fraud.
The certificates from many of those (which you accept by default)...

(different spot on the same page)

....are actually WORSE than the ones from CACert.
(another spot on that page)

....and as has been mentioned,
CACert is on the cusp of being included by default.