Date: Mon, 10 Feb 2003 17:29:33 -0800 From: Terry Lambert <tlambert2@mindspring.com> To: clemens fischer <ino-qc@spotteswoode.de.eu.org> Cc: Josef Karthauser <joe@tao.org.uk>, freebsd-hackers@FreeBSD.ORG Subject: Re: Anyone where to get a signed SSL certificate cheap? Message-ID: <3E4851FD.9B5F2943@mindspring.com> References: <20030205181724.GB87471@genius.tao.org.uk> <3E416AFA.85AF4F28@mindspring.com> <4r7cw75q.fsf@ID-23066.news.dfncis.de>
next in thread | previous in thread | raw e-mail | index | archive | help
clemens fischer wrote: > Terry Lambert <tlambert2@mindspring.com>: > > Note that many people have older browsers: the older the browser, > > the smaller the number of signing authorities they will recognize > > by default. Keep this in mind when picking browsers to examine. > > > > As a general comment, VeriSign does this as well, and tends to get > > the signing authority to either raise their price, or, if they will > > not, buys them, and raises their price. Certificate signing is fast > > becoming a monopoly. > > these seem to be two reasons for making up ones own root-CA. if > people are likely to have to import it anyway, why not give them your > own one? People will not "import it anyway". They will google for another website that sells the same thing, and go there instead. They're (effectively) told by the browser that "I think someone is maybe trying to hack you!". > also, this monopoly isn't based on something the monopolies > really have to themselves. "The ability to sell certificates which are recognized by the browser, without it telling them ``This merchant is trying to hack you''"? > the only true reason to buy a certificate might be the $$ needed to > insure or guarantee them before a court of law in case of liability. No, the reason to by a cert is to avoid a scary popup message or series of popup messages, which negatively influence a user's buy decision. For the most part, that the reason for using SSL at all, since it is statistically very unlikely that a "bad guy" is listening to your transaction at the exact time you submit a request. In fact, it's *so* unlikely, that you are more likely to have your credit card number stolen and used by a service person at your local restaurant... but they don't have big, scary popups that happen as you are entering the restaurant. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E4851FD.9B5F2943>