I just ran across http://certs.centurywebdesign.co.uk/premiumssl-wildcard.html
but there are many more sites like that: Secure multiple websites with a single PremiumSSL Certificate. For organisations hosting a single domain name but with different subdomains (e.g. secure.centurywebdesign.co.uk, www.centurywebdesign.co.uk, signup.centurywebdesign.co.uk), the wildcard Certificate is a cost effective and efficient means of securing all subdomains without the need to manage multiple certificates. All the features, compatibility and warranty of PremiumSSL included. This strikes me as notoriously bad, although it is in accordance with the RFC. I still don't want to accept the usefulness and inherent security, so I'd like to get some expert opinions on this. Are wildcard certficates good? secure? useful? Would you employ them? If not, how would you solve the problem they are trying to address (if you don't have your own CA)? Thanks! -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED] keyserver problems? http://keyserver.kjsl.com/~jharris/keyserver.html get my key here: http://madduck.net/me/gpg/publickey "a scientist once wrote that all truth passes through three stages: first it is ridiculed, then violently opposed and eventually, accepted as self-evident." -- schopenhauer
pgp00000.pgp
Description: PGP signature
