Gerald Waugh wrote: > lets be a little realistic here! > There are certs and there are certs and then there are warranties!!!
When we build our pages to discuss and sell certs we'll mention various warranty levels. But we'll also ask the hard question... how much is the warranty worth? And has anyone ever collected on one? The purpose of the "warranty" is to cover damages if the cert misidentifies the website as someone it's not. So the warranty isn't protecting the site purchaser; s/he knows if s/he is or isn't the owner of the real site. The warranty is protecting the visitor. The value in it is only if you've got customers who will only log onto your site if they know and recognize the cert provider. My gut feeling is that very few customers care. Personally I think most people use certs for secure connection, and not to verify identification. Discussions on various isp-lists have shown I'm not alone in the thought, though of course there are a lot of disagreements. However I'm sure I'm not the only cert reseller who'll be happy to charge you $300 or $400 for a cert and to make sure you are who you say you are before I issue it. Jeff -- Jeff Lasman <[EMAIL PROTECTED]> Linux and Cobalt/Sun/RaQ Consulting nobaloney.net, P. O. Box 52672, Riverside, CA 92517 voice: +1 909 778-9980 * fax: +1 909 548-9484 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
