* Jerry Leichter: > I got in touch with the company and actually received intelligent > responses both at their 800 number - I placed my order that way - and > in a response from their customer service people. Most remarkable - > almost all organizations ignore such communication. It's ironic that > those who appear to be trying the hardest are being screwed over by > the system that's currently in place - and will inadvertently be > involved in training users to simply bypass yet another kind of bad > cert warning.
This is also why I don't want browser vendors to remove CAs for which they haven't got enough documentation, at least at this stage. After a few rounds of competitors attacking each other (and themselves as well, because who knows who controls some of the older private keys these days), the only CAs left are those where initiating RA procedures is sufficiently difficult for law-abiding citizens--and cost is a very likely discriminator in this area. And for most sites, those extra $$$ are better spent on hosting with some sort of security monitoring. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [email protected]
