From owner-freebsd-chat Mon Oct 21 20:21:24 2002 Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B452737B401 for ; Mon, 21 Oct 2002 20:21:22 -0700 (PDT) Received: from seattlefenix.net (seattleFenix.net [216.39.145.247]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4321B43E6A for ; Mon, 21 Oct 2002 20:21:22 -0700 (PDT) (envelope-from roo@seattlefenix.net) Received: by seattlefenix.net (Postfix, from userid 1001) id 0B9BA36B04; Mon, 21 Oct 2002 20:21:10 -0700 (PDT) Date: Mon, 21 Oct 2002 20:21:10 -0700 From: Benjamin Krueger To: Brett Glass Cc: "Kevin D. Kinsey, DaleCo, S.P." , ulf@Alameda.net, freebsd-chat@FreeBSD.ORG Subject: Re: Verisign, Thawte, Entrust, whom? Message-ID: <20021022032110.GF604@surreal.seattlefenix.net> Reply-To: benjamin@seattleFenix.net References: <031601c2792f$34e371a0$fa00a8c0@DaleCoportable> <20021021121147.G27297@seven.alameda.net> <4.3.2.7.2.20021021195034.02b20c70@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4.3.2.7.2.20021021195034.02b20c70@localhost> User-Agent: Mutt/1.4i X-PGP-Key: http://www.macguire.net/benjamin/public_key.asc Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Brett Glass (brett@lariat.org) [021021 18:54]: > At 03:24 PM 10/21/2002, Kevin D. Kinsey, DaleCo, S.P. wrote: > > >Ulf, I happened to google far enough to hit > >"GeoTrust," and will be looking hard at > >that ... less than half of VeriSign...that is, > >unless I can figure out what Brett DOES > >do in this regard... :-) > > Well, it's hard to imagine that having a certificate > from Verisign would engender any real trust. After > all, they're a would-be monopolist, are under > investigation for mail fraud, and have ripped off > tens of thousands of domain name registrants for > years. > > We just warn users that a window will pop up, and > tell them that by accepting our certificate they'll > be assured of secure communications with us in the > future. It works. > > --Brett Thus rendering useless half of the purpose of Secure Certificates. Oh sure, your customers get secure (128bits!) communications with an HTTPS server. "An" HTTPS server, but possibly not "your" HTTPS server. So much for that whole verified identity via trusted 3rd party thing... -- Benjamin Krueger ---------------------------------------------------------------- Send mail w/ subject 'send public key' or query for (0x251A4B18) Fingerprint = A642 F299 C1C1 C828 F186 A851 CFF0 7711 251A 4B18 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message