CACert (was Re: [Wolves] A day with the boys from GLLUG)
Shane M. Coughlan
shane at shaneland.co.uk
Fri May 5 17:36:31 BST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Andy Smith wrote:
> Agree, the SSL cert industry is a scam and unfortunately I don't see
> that changing any time soon.
Well, I'm not a fan of it...but I would not go so far as to call it a
scam. Certs can be really useful for some purposes, and they are often
relatively cheap.
The entire certificate industry bothers me because of trust (or lack
thereof). I don't really trust Twaith or Verisign or CACert. I don't
generally trust companies. This means that their verification of a
certificate does not inspire great amounts of security-orientated joy on
my part.
IMHO we need some form of verification. SSL certs provide a potential
avenue, but I'd like to see something else. Any suggestions anyone?
Shane
- --
Shane Martin Coughlan
e: shane at shaneland.co.uk
m: +447773180107
w: www.shaneland.co.uk
- ---
Projects:
http://mobility.opendawn.com http://gem.opendawn.com
http://enigmail.mozdev.org http://www.winpt.org
- ---
Organisations:
http://www.fsfeurope.org http://www.fsf.org
http://www.labour.org.uk http://www.opensourceacademy.gov.uk
- ---
OpenPGP: http://www.shaneland.co.uk/personalpages/shane/files/publickey.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4-svn4127: (MingW32)
iQCVAwUBRFn48NwG3M95JPpzAQg8DQP+MUS4/scF5nUi3fboKs60Q+jTW+UNBCQ4
Ymyx3k8ct6ioL+momQWbL9gjemX8a/J+qNloP7FtYlmJNA1NFzHm3dGfzXtT6HOr
IE2PxePFDscukrd/T9lUxDQNaKc1C25GWQwH3H9Fr/ZUoOrCb/G9sHEHaIbxxVC0
9NxRhTMQd2A=
=qFlG
-----END PGP SIGNATURE-----
More information about the Wolves
mailing list