Tilted Forum Project Discussion Community - View Single Post - SSL Cert 128bit

trache · 04-22-2005, 10:31 AM

http://www.cacert.org/

Free SSL certificates. The only thing you have to do is import their root certificate (since it isn't shipped by default by many current browsers). Therefore, you will still the untrusted site dialog ("This certificate comes from an untrusted source, what would you like to do?"), but:

1. You don't have to go through the trouble of trying to figure out how to create an SSL certificate yourself (You have to create your own root certificate, then create a certificate request and then sign your certificate request with your own root certificate, blah blah blah).
2. As time passes, the authority will gain more popularity and hopefully more trust.
3. It's free. You get what you pay for.

Let's not forget that Versign is NOT worth any money.

Why? I once bought a digital certificate that I could use to sign my e-mail. It cost me $10-20 if I remember, but in no way did they ask for any verifiable proof that I was who I said I was. What good is that?

Certificates were created so that if in any event information was compromised, someone is definitely held accountable, and that you know exactly who it is. It is kind of like trading GPG keys - you don't ever trust a key unless at the very least you have seen their fingerprint and can verify their owner's identity (and you trust them).

04-22-2005, 10:31 AM	#6 (permalink)
trache Insane	http://www.cacert.org/ Free SSL certificates. The only thing you have to do is import their root certificate (since it isn't shipped by default by many current browsers). Therefore, you will still the untrusted site dialog ("This certificate comes from an untrusted source, what would you like to do?"), but: 1. You don't have to go through the trouble of trying to figure out how to create an SSL certificate yourself (You have to create your own root certificate, then create a certificate request and then sign your certificate request with your own root certificate, blah blah blah). 2. As time passes, the authority will gain more popularity and hopefully more trust. 3. It's free. You get what you pay for. Let's not forget that Versign is NOT worth any money. Why? I once bought a digital certificate that I could use to sign my e-mail. It cost me $10-20 if I remember, but in no way did they ask for any verifiable proof that I was who I said I was. What good is that? Certificates were created so that if in any event information was compromised, someone is definitely held accountable, and that you know exactly who it is. It is kind of like trading GPG keys - you don't ever trust a key unless at the very least you have seen their fingerprint and can verify their owner's identity (and you trust them). __________________ "You looked at me as if I was eating runny eggs in slow motion." - Gord Downie of The Tragically Hip Last edited by trache; 04-22-2005 at 10:42 AM..