RE: How do webcerts work with virtual hosts?

Wed, 22 Aug 2001 14:31:33 -0700 

I didn't bother with Thawte's CPS, but Entrust seems to cover the issue at 
2.1.3(vii):

only use an Entrust.net SSL Web Server Certificate on behalf of the person, 
entity, or organization listed as the Subject in such Entrust.net SSL Web 
Server Certificate;

I've seen similar language in every other certificate agreement I've seen.



-----Original Message-----
From:   William X Walsh
Sent:   Wednesday, August 22, 2001 2:21 PM
To:     Lynn W. Taylor
Cc:     INTERNET@BCN {[EMAIL PROTECTED]}
Subject:        RE: How do webcerts work with virtual hosts?

Well, I just looked at Entrust and Thawte's subscriber
agreements/CPS's and I don't see anything that would make them in
violation.

I think the point you missed was that not only is it permitted, but
that nothing dire has happened despite over 5 years of the practice
being employed.


Wednesday, Wednesday, August 22, 2001, 1:42:06 PM, Lynn W. Taylor wrote:

> Likely in violation of their agreement when they purchased the
> certificate....

> ... and the fact that "shared SSL" is widely done does not make it the right
> thing to do.

> -----Original Message-----
> From:   William X Walsh
> Sent:   Wednesday, August 22, 2001 1:39 PM
> To:     Lynn W. Taylor
> Cc:     INTERNET@BCN {[EMAIL PROTECTED]}
> Subject:        RE: How do webcerts work with virtual hosts?

> Wednesday, Wednesday, August 22, 2001, 8:53:54 AM, Lynn W. Taylor wrote:

>> In my opinion "users don't care" isn't a reason to subvert the original
>> purpose.

>> Someday, it will come back to haunt us.

> I doubt it.  The largest hosting services in the business have been
> using a single cert and providing "shared" ssl service to their
> customers in the form of
> https://servername.securesite.com/customername/
> for many many years (at least as far back as early 1996 that I can
> verify on the spur of the moment) and no dire consequences has
> happened.  This is really no different, since the certificate holder
> is not in fact the merchant or site operator.

> You will note that all of the CAs specifically disclaim any
> legal responsibility for verifying the identity of the certificate
> holder.  Not a single one backs up their certificates with any kind of
> a guarantee on the identity of the certificate holder.


> --
> Best regards,
> William X Walsh <[EMAIL PROTECTED]>
> Userfriendly.com Domains
> The most advanced domain lookup tool on the net
> DNS Services from $1.65/mo




--
Best regards,
William X Walsh <[EMAIL PROTECTED]>
Userfriendly.com Domains
The most advanced domain lookup tool on the net
DNS Services from $1.65/mo

Reply via email to