Web of Trust (a revolution)
Craig White
craigwhite at azapple.com
Tue Mar 31 21:46:33 UTC 2009
On Tue, 2009-03-31 at 10:42 -0500, Bruno Wolff III wrote:
> On Tue, Mar 31, 2009 at 12:27:08 +0100,
> Bill Crawford <billcrawford1970 at gmail.com> wrote:
> > On Monday 30 March 2009 20:12:45 Bruno Wolff III wrote:
> >
> > > CAs that charge extra in order to sign certs that have flag set to
> > > indicate that they can sign other certs in subdomains should be boycotted.
> >
> > This is actually a rotten idea. If you need internal testing systems, or to
> > dynamically create them as needed, or you want to run shared hosting using SSL
> > (as we do for internal testing, since our application requires SSL enabled)
> > then being able to sign your own sub-domains and / or have a wildcard are
> > pretty much essential.
>
> I was complaining about ripping people off by charging exhorbitant amounts
> for signing keys, not that people / orgs shouldn't be able to get them.
> Verisign does that to protect revenue, not for security reasons.
----
why does a dog lick themselves between the legs?
because they can. Everyone is free to choose to purchase certificates
from any well known certificate authority and it doesn't have to be
Verisign.
I don't know that they are exorbitant, I know that unless I am selling
something to the public and don't want to scare the bejeebus out of them
by offering a self-signed certificate, I'm not buying.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the fedora-list
mailing list