Jill Ramonsky wrote: > This seems to me to a /serious/ flaw in the design of MSIE. What if > Alice doesn't /have/ a CA because she can't afford their fees? Alice can be her own CA if she wishes to - all you need is a copy of Openssl or, if you like having gui interfaces, XCA (http://sourceforge.net/projects/xca/) both of which are free.
> (or she > doesn't trust them, or for any other reason you might care to think > of). In fact, if I've understood this correctly, if Alice uses MSIE, > she > can't even tell her browser to trust her own website, despite being in > possession of not only her own public key, but her own secret key as > well! What is it with MSIE that it would prefer to trust someone other > than Alice about the authenticity of Alice's site !!!??? she can so inform MSIE - marking the key as trusted the first time she "sees" it in IE, or importing the CA key from openssl/xca > Okay guys - _this is a serious question_. Alice has a web site. Alice > has a web browser which unfortunately happens to be MSIE. Alice wishes > to view Alice's web site using Alice's browser (which is not on the > same machine as the server). Alice does not wish to trust ANYONE > else, but > she does trust herself absolutely. How does she get the browser to > display the padlock? she creates her own ssl server key, then either manually imports it into IE (simply a case of double-clicking it!) or marks it as trusted the first time she connects to her ssl server. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]