On Wed, May 14, 2008 at 11:40 AM, Mackenzie Morgan <[EMAIL PROTECTED]> wrote:
> On Tue, 2008-05-13 at 16:24 -0400, Phillip Susi wrote:
>> No, they won't, and shouldn't.  Why pay some idiot corporation an
>> extortion fee just because they bribed the browser manufacturers to
>> include their certs by default?  There is NO added security to having a
>> paid for cert.  See the several incidents where bank web sites have been
>> spoofed on a slightly misspelled version of the domain name and issued a
>> "valid" cert from a CA "proving" they are the bank you thought you were
>> visiting.
>
> http://cacert.org, which has its certs included in Ubuntu by default, is
> free.

Be advised however to use the new OpenSSL[0] to generate your CSR and
private key pair, in light of DSA-1571[1].

[0] http://packages.ubuntu.com/openssl
[1] http://www.ubuntu.com/usn/usn-612-1

It may also be worth considering putting off submitting CSRs to CAs
(CACert included) until those CAs can confirm that they are not (or no
longer) affected by the issue.

Cheers,

Zakame


-- 
Zak B. Elep || http://zakame.spunge.org
[EMAIL PROTECTED] || [EMAIL PROTECTED] || [EMAIL PROTECTED]
1486 7957 454D E529 E4F1 F75E 5787 B1FD FA53 851D

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
