[LinuxUsers] today (PKI / CAcerts) / topics for next meeting?
Jeff Lasman
jplists at nobaloney.net
Tue Jan 13 20:18:33 UTC 2009
On Monday 12 January 2009 09:28 pm, Roger E. Rustad, Jr wrote:
> That's awesome, you took my bait, Jeff!
>
> In all seriousness, though...
>
> The certs that you sell are fully functional in client apps like
> Thunderbird, IE, and FF? Why would one get a cert through you as
> opposed to paying lots of money or doing it themselves. Who is the
> ultimately authority on those certs?
Our Certs are issued by GeoTrust. I've sent you a URL to your email
address. Note that this particular Certificate is signed with the MD5
algorithm using RSA encryption. GeoTrust has announced they've started
to use the SHA-1 algorithm, but I haven't bought a Certificate since
the announcement so I can't guarantee that.
People pay more for Certificates because they believe it gives them
better security; often a better warranty (our Certificates do NOT come
with a warranty). Note that no warranty has ever been paid, and it
never gets paid on a valid Certificate on a valid site; it only gets
paid if someone buys a Certificate from the CA and then uses it to
spoof a site.
I was going to mention the warranty issues at the meeting, but the
discussion went in a different direction.
Jeff
--
Jeff Lasman, Nobaloney Internet Services
P.O. Box 52200, Riverside, CA 92517
Our jplists address used on lists is for list email only
voice: +1 951 643-5345, or see:
"http://www.nobaloney.net/contactus.html"
More information about the LinuxUsers
mailing list