Free SSL certs
Michael O'Donnell
mod+gnhlug at std.com
Wed Apr 23 20:28:23 EDT 2003
> Yes, but they're not a "trusted" CA, and users will get prompted
> when the cert pops up. Anyone can sign certs (google on CA.pl),
[ Gee, do I have permission to use a search
engine other than Google, if I'm so inclined? ]
> it's the whole "this cert is signed by a trusted authority" thing
> that (supposedly) instills confidence in the whole system.
I think I heard that the primary advantage the Big Name
CA's have is that they got grandfathered in such that
they're in the short list of those that the various
browsers (IE Explorer, NetScape, etc) are preconfigured
at build time to recognize by default. As you indicate,
there's otherwise nothing magic or sacred about them.
Heck, when you consider that (for example) VeriSign owns
(or is) Network Solutions (who don't exactly have a stellar
reputation for fair dealings or even basic competence)
the whole notion of "trusted" gets even shakier...
More information about the gnhlug-discuss
mailing list