Is there anyone using verisign or other "trusted" CA-signed certificates for your stunnel-connections (pop3, smtp et al)? What I really want to know is of course if you find it in any way meaningful to use ssl-encryption without being able to trust the certificates? Crypto is fine, but with these nice man-in-the-middle-attack tools that exists today it may just give a false sense of security. What's your opinion? Or don't we want to discuss serious things on this list? /magnus