> I tell clients with "public" web sites that they probably > need a cert from a popular reputable provider in order to > avoid the browser warning. But the thing to remember is that > (in most cases) the warning is saying that "your company" may > not be ok ... Not that the information is unencrypted or less > secure. SSL works the same whether you are using a commercial > cert or a self-signed cert... You data is still encrypted, > it's just that the browser can't "check" with anyone to prove > you are a reputable business. Having said that, the only > thing really required to "prove" you are reputable is that > you shell out to Verisign or someone to say it on your behalf > - so it really is a sort of protection racket.
This has nothing to do with whether your business is reputable. It has to do with whether your business is, in fact, the business it identifies itself as. The certificate authority that issues your certificate identifies your business as an ongoing concern, and the owner of the domain in question. So, when users go to that domain, the certificate authority guarantees that you are in fact the legitimate owner of that domain, and that they're actually visiting the domain they typed into the browser. The purpose of SSL/TLS is not just encryption, it's verification. This is no more a protection racket than, say, state-issued drivers licenses. You are free to create your own certificate authority, and convince Microsoft and the Mozilla Foundation to include your own root certificate in their browsers. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:297380 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4