Wednesday, Wednesday, August 22, 2001, 2:40:37 PM, Lynn W. Taylor wrote:
> I didn't bother with Thawte's CPS, but Entrust seems to cover the issue at
> 2.1.3(vii):
> only use an Entrust.net SSL Web Server Certificate on behalf of the person,
> entity, or organization listed as the Subject in such Entrust.net SSL Web
> Server Certificate;
> I've seen similar language in every other certificate agreement I've seen.
Actually I meant to say Equifax and not Entrust, I was typing too fast
:)
But the Entrust CPS also lets Entrust revoke certificates if they
receive a complaint that the certificate holder is violating someone
else's trademark, something a CA should not be involved with at all.
Their CPS is pretty intrusive, as is their verification process, much
more so than any other CA I have seen, including Verisign (who also
has a clause like the one you mentioned above).
I'd also like to point out that what those companies say and what they
do in practice are entirely different things. I've never heard of
a case where a hosting provider (and like I said, the largest in the
business do this currently on a massive scale) had a certificate
revoked for doing this.
Based on that, I'd have to say that Equifax and Thawte are currently
the more "customer friendly" CA's, not to mention the most cost
effective. Thawte will most likely end up getting corrupted by their
parent company in time, but I think the loosening of the secure
certificate market is going to be a trend, one I certainly think is
long overdue.
All this discussion had done is made me feel even more strongly about
my choice of certificate provider as being the right one :)
--
Best regards,
William X Walsh <[EMAIL PROTECTED]>
Userfriendly.com Domains
The most advanced domain lookup tool on the net
DNS Services from $1.65/mo
