Correct. The cost of being CA is equal to the cost of getting CA signing pub key into the target audience browsers.
You can (sorted by increasing security, starting with zero): 1 - go through browser vendors, 2 - have your users to install additional CA key into their existing browsers (and perhaps remove others), or 3 - distribute your own browser package. Pick one. > The policies are set by the browsers/root store operators - > not CAs. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
