> I know, the certifiers are scamming us, they don't really check anyone
> out. The browsers are self serving, they want you to pay them to certify
> your certificate. But, we have no regulation, that's the way it is
> today.
Sorry, but I have to disagree, not all Certification Authorities are "scammers".
The important thing to watch out for is the validation process a Certification Authority applies before issuing a SSL certificate.
You might be right that some CA's validation procedure is not worth the money you pay, since they just do a simple automatic domain name check resulting in a low assurance SSL certificate that contains no business credentials and does not convey trust about the individual or organization the SSL certificate is issued for.
However, other CA's, like us, apply a complete validation process to issue high assurance SSL certificates.
By doing a complete validation, we ensure that only fully authenticated and validated information such as the domain name, company name, address, city, state and country is included within the certificate.
This means, whenever you visit a site that uses a high assurance SSL certificate, the authenticated credentials will be available within the SSL certificate. You can then inspect these credentials with your browser, giving you the security that you are actually dealing with a legally accountable individual or organization.
So, in the end, the question one has to ask is, what do I want to achieve by using SSL and how much money / time do I want to spend to achieve that goal and you will find out if a self signed, low assurance CA or high assurance SSL certificate best suits your needs.
Since nowadays even high assurance SSL certificates have become affordable, I doubt there are many occasions where one can get SSL implemented cheaper by going through the process of setting up a self signed SSL certificate, considering the time one has to spend learning how to generate and implement a self signed SSL certificate and the disadvantages (no browser recognition, no 3. part validation, no expert support) one still will have to deal with.
Kind Regards
Pascal Geuns
QualitySSL
http://www.qualityssl.com
----------------------------------------------------------
Get a FREE 30 day SSL Certificate, visit
http://www.qualityssl.com
----------------------------------------------------------
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
