Date: Tue, 16 May 2006 19:15:12 +1000 From: Peter Jeremy <peterjeremy@optushome.com.au> To: "James O'Gorman" <james@netinertia.co.uk> Cc: FreeBSD Security List <freebsd-security@freebsd.org> Subject: Re: Slightly OT: SSL certs - best practice? Message-ID: <20060516091512.GE714@turion.vk2pj.dyndns.org> In-Reply-To: <4469064F.50102@netinertia.co.uk> References: <4469064F.50102@netinertia.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
--neYutvxvOLaeuPCA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, 2006-May-15 23:53:03 +0100, James O'Gorman wrote: >PS - Once I've worked out how exactly I'm supposed to be doing this, >I'll probably get some "officially" signed certs. I hear CACert are a >good, free way of doing this. Anyone got any comments on that? I've gone through the CAcert assurance process and it seems to work, though a lot depends on your access to other assurers. Note that the CAcert certificates are now part of ports/security/ca-roots though the issue of bootstrapping remains (how do you know that your roots file is genuine). --=20 Peter Jeremy --neYutvxvOLaeuPCA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEaZgf/opHv/APuIcRAm8WAJ9YozyKpoGVRNj0HOjYWo9fizAGXQCggPx1 aEjrl8pyT3kpndgBMiWOB0A= =C5j3 -----END PGP SIGNATURE----- --neYutvxvOLaeuPCA--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060516091512.GE714>