[ previous ] [ next ] [ threads ]
 
 From:  "John Voigt" <1geek at jvoigt dot com>
 To:  "Brandon Holland" <brandon at cookssaw dot com>, "'Matchstick'" <matchstick at oofg dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: Re[2]: [m0n0wall] SSL keys?
 Date:  Wed, 28 Jan 2004 12:29:02 -0500
----- Original Message ----- 
From: "Brandon Holland" <brandon at cookssaw dot com>


> <RANT>
> This is stupid to me.
>
> The industry has CREATED a market where there is none.  What are we
> really paying for? Not a certificate: anyone can have a Verisign cert if
> they buy it, so why is verisign better than cacert? It's not.  It's just
> blindly accepted in most browsers.  That is gay.
> </RANT>
>
Verisign, Thawte and others of the same ilk are signing your cert saying you
are who you are claiming to be.  It costs them money to call you on the
phone, check your credit report or whatever else they do to be comfortable
signing your cert.

Certs are about trust.  Browser makers have chosen some CAs to trust.  If
all you want is the SSL encryption then you can sign your own cert - that's
what I do.

John/

John Voigt, President

Reston Wireless, LLC
High speed internet service
no smoke, no mirrors, no wires (tm)
http://www.reston-wireless.net/