Hi, Michelle: On Friday 11 September 2009 11:03:05 Michelle Konzack wrote: [...]
> For one of my enterprises I have installed my OWN CA and on the 160 > servers (apache, courier, and postgresql) I installed only certs signed > by my own CA. So, I have now certs which I 100% can trust. That's just half the equation and in the case of public services not even the important half: you may be trusting your own certs, but are the ones that will use them going to trust them as well? A certificate in a server is not meant to build trust on the owner of the server but on those that use the server. I.E.: I'll trust this site is in fact Bank Of America because so says Verisign. Contrast it with "...because so says Michelle Konzack". Ps: Did you manage to get your systems on-line? It seems my previous email was spooled at webmail.codefoundry.com. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
