Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Matt Shields wrote: > On Dec 30, 2007 12:58 PM, <[hidden email]> wrote: > >> Correct me if I'm wrong, isn't this a bad idea? >> >> *Anyone* can create their own certificate for their own website based on >> their own created "authority," the only difference is that user's will be >> asked if they trust the authority. >> >> The free SSL certificate doesn't seem to do any sort of checking to verify >> that the SSL site has had any sort of verification. What's worse is that >> if the authority certificate is part of Mozilla Firefox and Safari, then >> they are insecure. >> >> >> >> >>> From: Fred <[hidden email]> >>> Subject: Free SSL Certification Authority >>> To: Boston Linux Usergroup <[hidden email]> >>> Message-ID: <1199017536.13633.4.camel@jupiter> >>> Content-Type: text/plain >>> >>> For those interested in certificates, check this out: >>> >>> http://cert.startcom.org/ >>> >>> I have not tried them myself yet, but will soon. Supposedly their >>> certificates will work in most up-to-date browsers and the like, but I >>> have not verified this. >>> >>> -Fred >>> >> > > I can't remember what the name was, but a few years ago I came across > a "community" that setup a cert authority. Anyone could get a cert, > but before you were granted one you had to meet someone in your area > that was already part of the community, and they would "trust" you. I > believe they were doing it just like people do pgp signings. > > >
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |