Peter Schober wrote:
* Mike -- EMAIL IGNORED m_d_berger_1...@yahoo.com [2009-07-22 01:46]:
I am thinking of securing part of my low volume
web site with SSL. I wend to some certificate
authorities, and I was blown away by the prices.
Are there that are both cheap and widely recognized?
Jfyi:
-Original Message-
From: news [mailto:n...@ger.gmane.org] On Behalf Of Nicholas Sherlock
Jfyi: you might also try free and not widely recognized,
http://cacert.org/
Won't certificates signed by them be only useful for
internally-deployed
apps? They're not a trusted root on
Boyle Owen wrote:
...
It's worth remembering what a certificate is for; it is a document,
undersigned by a third-party, that confirms that you are who you say you
are. The third-party certificate signing authority is putting their
reputation on the line and has a moral (even a legal)
-Original Message-
From: André Warnier [mailto:a...@ice-sa.com]
Sent: Wednesday, July 22, 2009 3:09 PM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] Re: Low priced certificate?
We are a services company, and provide websites to select
customers, for
their own usage
* Boyle Owen owen.bo...@six-group.com [2009-07-22 14:43]:
-Original Message-
From: news [mailto:n...@ger.gmane.org] On Behalf Of Nicholas Sherlock
Jfyi: you might also try free and not widely recognized,
http://cacert.org/
Won't certificates signed by them be only useful
It sounds to me like you are hosting their sites... meaning you have
virtual hosts, etc.?
If I go to my bank and open a checking account... fine... it's free.
However, if I want a safe deposit box, I'll have to pay... unless...
maybe if I keep X amount of money deposit accounts with the
On Wed, Jul 22, 2009 at 02:43:10PM +0200, Boyle Owen wrote:
It's worth remembering what a certificate is for; it is a document,
undersigned by a third-party, that confirms that you are who you say you
are. The third-party certificate signing authority is putting their
reputation on the line
On Wed, Jul 22, 2009 at 03:09:25PM +0200, André Warnier wrote:
While not contradicting the essence of the above, I would like to know
something for my own edification, if some expert could comment.
I don't think of myself as an expert, but I'm free with my opinions. :-)
[a desire to secure
That said, the most expensive gold-plated cert. you can buy may not be
worth much more, in your application, than one you could get for half
as much.
This is absolutely correct...except that some may appreciate the fact
that you're using the gold-plated cert.
That is, it sounds much better to
On Jul 22, 2009, at 11:40 AM, Mark H. Wood wrote:
On Wed, Jul 22, 2009 at 03:09:25PM +0200, André Warnier wrote:
While not contradicting the essence of the above, I would like to
know
something for my own edification, if some expert could comment.
I don't think of myself as an expert, but
* Joseph Morgan josephmmor...@hotmail.com [2009-07-22 17:47]:
In the cert world, your customers would likely rather see that your
certs are signed by Verisign than by
pimpmycert.com
As if they could tell the difference.
If both root CAs are in the browser's root chain, why shouldn't they
André Warnier wrote:
It is my understanding that we could set up our own certificate
authority (CA) and create our own server certificates. A customer
browser, upon the first connection, would pop up some message indicating
that it cannot verify this certificate, and offering maybe to
Nicholas Sherlock wrote:
An attacker can use precisely the same mechanism to serve their own
certificate. Your website will have carefully trained the user in
advance to ignore all security warnings and accept the rogue
certificate. What a waste of time. The only thing you're protecting
13 matches
Mail list logo