Check out Equifax.com for $79 secure certificates. It strikes me that
becoming a certificate authority is not a trivial matter. Ever stopped to
wonder why someone as large as Register.com didn't become a certificate
authority themselves, rather than teaming up and selling someone elses
certs?
Of course, ulitmately it's up to Tucows whether they see this as a viable
investment and whether it would fit into the reseller business model. I'd
really have no interest in reselling certificates or even getting involved
in the process. Of course Tucows would end up doing 99% of the work in
certifying the certificate holder. This kind of business is a far cry from
OpenSRS, where there's not much difference between selling 1,000 or sellling
100,000 domains per month.
Jim
----- Original Message -----
From: "Swerve" <[EMAIL PROTECTED]>
To: "adam" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, November 27, 2000 8:19 AM
Subject: Re: New Cert Authority - Are you listening OpenSRS?
> Assuming Opensrs can provide the same security and level of support as
> Verisign, i would imagine their are alot of people who would consider
> switching. Perhaps contribute a % of profits to the open source
community/
> charitable orgs. or some kind of Net grant/investment fund.
>
> swerve
>
> > From: "adam" <[EMAIL PROTECTED]>
> > Date: Mon, 27 Nov 2000 13:52:26 -0000
> > To: <[EMAIL PROTECTED]>
> > Subject: RE: Fwd: New Cert Authority - Are you listening OpenSRS?
> >
> > Hostmaster <[EMAIL PROTECTED]> said:
> >
> > ...
> >
> > Well, they said a lot. And to be honest, I have to agree with most of
it.
> > Only this morning, when I received a cert for a client of mine, I
mentioned
> > to him about Verisign/NetSol/Thawte's virtual monopoly, which I
personally
> > find pretty scary. It's not just the fact that NetSol are involved -
although
> > it's a huge factor given the fraudulent billing they're *still* getting
away
> > with - but the fact that in effect one company is issuing 90% (or is it
95%,
> > or even 99%?) of the server certs in the world. That's not just
monopolistic,
> > it's *dangerous*.
> >
> > And I have to say that I think OpenSRS are in - or would appear to be
in - a
> > good position to do something about it, and make a wedge of cash into
the
> > process. I don't necessarily agree with the notion that Tucows can just
plonk
> > their cert into the browsers they ship through their download mirrors,
but
> > don't they have enough grunt at this stage to get their cert installed
in a
> > proper manner?
> >
> > Scott, Charles, et al - you asked us recently, both here and in a survey
if
> > we would like to see value-added services introduced for RSP's. I don't
agree
> > with a lot - most in fact - of the suggestions, but this is something I
back
> > 100%. I'm making a commitment now - if Tucows can get a root certificate
in
> > the browsers and better Thawte on price - even by a small margin - I
will
> > start using Tucows as my CA as soon as it's technically feasible.
> >
> > That may sound like I'm hedging, but it's not an overnight thing -
there's
> > older browsers to think about too. But Tucows have the wherewithall to
> > overcome that quickly - you advertise heavily already; getting users to
> > upgrade their browsers would be easier for you that the freecerts
project.
> >
> > But all this is just rhetoric without a comment from Tucows/OpenSRS.
What say
> > you?
> >
> > adam
> >
>
