On 2020-01-30 18:06, Charles Mills wrote:
Who do you trust? What CERTAUTH certificates do you have installed and
trusted?
I am contemplating purchasing an FTP server certificate for z/OS client FTP
access. I'd like to know which CA's are most likely to already be installed
in customers' CERTAUTH keyrings.
IBM used to ship certificates for VeriSign, Thawte, Integrion, Entrust,
Equifax and ICP. Are those still popularly-trusted CAs?
What about Comodo? They are the largest CA. What about GoDaddy? What about
Let's Encrypt, the no-charge CA?
There's been a lot of consolidation. Equifax is GeoTrust is VeriSign. Thawte
and Symantec are now DigiCert.
FWIW, from Mozilla:
"Most browsers, not just Firefox, do not trust certificates by GeoTrust,
RapidSSL, Symantec, Thawte, and VeriSign because these certificate
authorities failed to follow security practices in the past."
https://support.mozilla.org/en-US/kb/what-does-your-connection-is-not-secure-mean
--
Regards, Gord Tomlin
Action Software International
(a division of Mazda Computer Corporation)
Tel: (905) 470-7113, Fax: (905) 470-6507
Support: https://actionsoftware.com/support/
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
