> -----Original Message-----
> From: [EMAIL PROTECTED]
> ... On Behalf Of Jason Haar
> Sent: Tuesday, May 23, 2000 8:03 PM
...
> Subject: Re: Certificate Authority
>
> I feel everyone is missing the point.
It strikes me that there is another need: personal certificates for email
(authenticated and/or encrypted). For this purpose, I can certainly
exchange certificates with friends and correspondents myself (e.g. by
handing a floppy disk to a friend, or registered mail to someone more
distant). I wouldn't expect the authentication done by commercial CAs to be
cost effective for this purpose.
The free email certificates issued by VeriSign are adequate - except that
they're only good for two months. I'd be much happier with a six or twelve
month policy on those. Once upon a time, PGP presented a viable
alternative, but I don't believe it will survive. (I hope it does, but I'm
pessimistic.) At one point, I thought Thawte personal certs were the
answer, but then I learned that they required an unjustifiable amount of
personal information for which they purportedly have no use - it makes no
sense to me. In the meantime, I believe there is a strong need for an
alternative to the VeriSign free certificates.
I have yet to successfully connect to the openca.org site.
Gary
====================================================================
Ready-to-Run Software, Inc.
Software Porting Specialists.
*****************************
email: [EMAIL PROTECTED] Gary Feldman
fax : 1-978-692-5401 Ready-to-Run Software, Inc.
voice: 1-978-251-5431 11 School Street
www : http://www.rtr.com North Chelmsford, MA 01863
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]