Re: Who do you trust? (What CA's do you trust?)
On 2020-01-30 18:06, Charles Mills wrote: Who do you trust? What CERTAUTH certificates do you have installed and trusted? I am contemplating purchasing an FTP server certificate for z/OS client FTP access. I'd like to know which CA's are most likely to already be installed in customers' CERTAUTH keyrings. IBM used to ship certificates for VeriSign, Thawte, Integrion, Entrust, Equifax and ICP. Are those still popularly-trusted CAs? What about Comodo? They are the largest CA. What about GoDaddy? What about Let's Encrypt, the no-charge CA? There's been a lot of consolidation. Equifax is GeoTrust is VeriSign. Thawte and Symantec are now DigiCert. FWIW, from Mozilla: "Most browsers, not just Firefox, do not trust certificates by GeoTrust, RapidSSL, Symantec, Thawte, and VeriSign because these certificate authorities failed to follow security practices in the past." https://support.mozilla.org/en-US/kb/what-does-your-connection-is-not-secure-mean -- Regards, Gord Tomlin Action Software International (a division of Mazda Computer Corporation) Tel: (905) 470-7113, Fax: (905) 470-6507 Support: https://actionsoftware.com/support/ -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Who do you trust? (What CA's do you trust?)
On 1/30/2020 6:07 PM, Charles Mills wrote: Who do you trust? What CERTAUTH certificates do you have installed and trusted? I am contemplating purchasing an FTP server certificate for z/OS client FTP access. I'd like to know which CA's are most likely to already be installed in customers' CERTAUTH keyrings. I'm not suggesting who anyone should trust, but IBM currently uses Digicert for its software download servers, therefore, I expect most folks already have the Digicert CA cert installed. Kurt Quackenbush -- IBM, SMP/E Development Chuck Norris never uses CHECK when he applies PTFs. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Who do you trust? (What CA's do you trust?)
X-posted IBM-MAIN and RACF-L. Who do you trust? What CERTAUTH certificates do you have installed and trusted? I am contemplating purchasing an FTP server certificate for z/OS client FTP access. I'd like to know which CA's are most likely to already be installed in customers' CERTAUTH keyrings. IBM used to ship certificates for VeriSign, Thawte, Integrion, Entrust, Equifax and ICP. Are those still popularly-trusted CAs? What about Comodo? They are the largest CA. What about GoDaddy? What about Let's Encrypt, the no-charge CA? There's been a lot of consolidation. Equifax is GeoTrust is VeriSign. Thawte and Symantec are now DigiCert. Thanks, Charles -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN