The documentation states that being one's own CA is insecure in the Internet environment, while is acceptable on the intra-net. Could anyone explain the issues implied by that statement? Also, to what extent is the user inconvenienced by an SSL site using certificate signed by a non-well-known authority? Are the browsers cooperative when it comes to adding such an authority to the list of known CAs? We are planning on setting up a secure site for a university's computer lab for the instructors and students to use. So, the context is non-commercial environment where the users can trust us to provide valid certificates. They'll be connecting both via the local network and the Internet, though, and we'd like to know what we are risking by going the way of being our own CA. Many thanks in advance, -- Arcady Genkin ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
