From owner-freebsd-chat Tue Oct 22 19:23:22 2002 Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2585837B401 for ; Tue, 22 Oct 2002 19:23:21 -0700 (PDT) Received: from lariat.org (lariat.org [63.229.157.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6E71243E3B for ; Tue, 22 Oct 2002 19:23:20 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp1000.lariat.org@lariat.org [63.229.157.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id UAA16526; Tue, 22 Oct 2002 20:22:20 -0600 (MDT) X-message-flag: Warning! Use of Microsoft Outlook is dangerous and makes your system susceptible to Internet worms. Message-Id: <4.3.2.7.2.20021022201207.00c1c240@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Tue, 22 Oct 2002 20:22:13 -0600 To: Larry Sica From: Brett Glass Subject: Re: Verisign, Thawte, Entrust, whom? Cc: "Kevin D. Kinsey, DaleCo, S.P." , ulf@Alameda.net, freebsd-chat@FreeBSD.ORG In-Reply-To: References: <4.3.2.7.2.20021021195034.02b20c70@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 10:04 AM 10/22/2002, Larry Sica wrote: >Ok, what about all the other SSL cert providers? When Ma Bell was found to be a monopoly did you stop using the phone? The Bell System was a legally granted monopoly. It was never "found" to be one. However, I have switched, as much as is possible, away from Qwest, its offspring. Not only did US West neglect vital maintenance of infrastructure and defer connections to new customers for more than a year to make its balance sheet look better before the acquisition, but Qwest (which acquired it with dot-com stock) likewise cooked the books in collusion with Global Crossing. The result: a colossal meltdown that may yet lead to bankruptcy. Some business with the local phone Nazis is unavoidable, but I do give other companies my business when I can. >Doesn't this kind of defeat the purpose to a degree of using certificates. One wants a third party CA so people will be able to trust your site. None of the third parties are trustworthy. Any slimeball can get a certificate, and sites that rip people off have certificates just like honest ones do. The companies that issue certificates are the least trustworthy of all. Again, may I remind you that Verisign committed mail fraud. The Postal Inspector asked me to gather evidence, and for all I know I may be a witness at some point in the future. (Of course, since we're under the Dubya administration, Verisign may get off simply by greasing the right palms. George and Dick *love* corporate money.) But I digress. In the real world, the only thing https:// is good for is encryption. It is no guarantee at all that a site is trustworthy in any way, shape, or form. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message