
Re: [cobalt-users] raq3 ssl



Jerald C Jones wrote:

> What makes what Verisign does so special?

Not much.  You can do everything they do.

> Why are Verisign and Thawte (actually both are Verisign) the only "trusted" sources for
> signing a certificate?

They're not.  Check your browser; somewhere in it is a list of
certificate signing authorities it trusts.

> How would one go about becoming a "trusted" source for cert.
> signing and get integrated in future browser
> updates?

Simple.  Just get Microsoft, Netscape, etc., to "trust" you.

> The more I think about this, the more the word "scam" comes to mind.

What Verisign, Thawte and others do is verify that you are who you say
you are.  Most of us consider only the encryption part of the
certificate, but the fact is that the identity part is at least as
important.  For example, if I were a thief and could create my own
certificate saying I was your bank, how much data do you think I could
get before someone noticed I wasn't?

Plenty of people verify their own certificates.  I use some of them, but
in general I find that they're penny-wise-pound-foolish in other areas
as well.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
nobaloney.net
P. O. Box 52672
Riverside, CA  92517
voice: (909) 787-8589  *  fax: (909) 782-0205
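
The point about the trusted-authority list and the identity half of a certificate, as an added example that is not part of the original message: two certificates claim the same name, and only the one that chains to an authority in the verifier's list is accepted. The host name, the CA name and all file names are constructed for illustration, and the `-CAfile` argument stands in for the browser's list.

```shell
#!/bin/sh
# Added example: every name and file below is constructed for illustration.

# make_certs DIR: create two certificates that both claim CN=www.example.test
#   self.pem - self-signed; nobody checked who requested it
#   srv.pem  - issued by a private "Example Test CA" (ca.pem)
make_certs() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=www.example.test" \
        -keyout "$d/self.key" -out "$d/self.pem" 2>/dev/null || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Example Test CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null || return 1
    openssl req -new -newkey rsa:2048 -nodes \
        -subj "/CN=www.example.test" \
        -keyout "$d/srv.key" -out "$d/srv.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/srv.csr" -days 1 \
        -CA "$d/ca.pem" -CAkey "$d/ca.key" -CAcreateserial \
        -out "$d/srv.pem" 2>/dev/null || return 1
}

# trust_check CERT ANCHORS: print "trusted" if CERT chains to a CA in ANCHORS.
# openssl also consults the system store; the constructed certs are not in it.
trust_check() {
    if openssl verify -CAfile "$2" "$1" >/dev/null 2>&1; then
        echo trusted
    else
        echo untrusted
    fi
}

demo() {
    d=$(mktemp -d) || return 1
    make_certs "$d" || { rm -rf "$d"; return 1; }
    # Same claimed name, same key strength; only the issuer differs.
    echo "self-signed: $(trust_check "$d/self.pem" "$d/ca.pem")"
    echo "CA-issued:   $(trust_check "$d/srv.pem" "$d/ca.pem")"
    rm -rf "$d"
}
demo
```

Both certificates encrypt equally well; the verdict depends only on which authorities are in the list the verifier was given.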