spf-discuss
[Top] [All Lists]

Re: Re: Good Domain List one step closer to reality (actually two steps)

2004-08-18 10:06:25
On Wed, Aug 18, 2004 at 12:02:40PM -0400, David Brodbeck wrote:
On Tue, 17 Aug 2004 20:48:57 -0400, guy wrote
If what you say is true....Cool!  And free!

I must take a look and see.

The problem with cacert and the like is they aren't trusted by default by web
browsers, like Verisign is.  From the standpoint of a typical web user, that
means a cecert-signed certificate is no better than a self-signed certificate.

This doesn't matter in every application, but it is something to think about.


This isn't meant to be a pro- or con-free-cert post, but I wanted to
point out that it is possible to augment the list of CA's trusted by
most SSL apps, including most web browsers.

-- 
Mark C. Langston            GOSSiP Project          Sr. Unix SysAdmin
mark(_at_)bitshift(_dot_)org   http://sufficiently-advanced.net    
mark(_at_)seti(_dot_)org
Systems & Network Admin      Distributed               SETI Institute
http://bitshift.org       E-mail Reputation       http://www.seti.org


<Prev in Thread] Current Thread [Next in Thread>