Friday, August 03, 2001, 4:31:44 PM, you wrote:
JM> placing them in subdirectories. I don't see much advantage to using
JM> subdomains, since it's still a cert that has been issued to "netmonger.net"
JM> and says nothing about the actual business using the cert.
Yes, but my contention is that people want to ensure an encrypted pipe
much more than they want to ensure identity. Most people have other
ways of trusting identity, what they really want is an encrypted
connection between themselves and the site that they trust.
Unfortunately, the operations of encryption and identity have become
intertwined. Yes you can self sign a cert and at least let the end
user know that the transmission is encrypted, but then they get that
scary "pop up" in their web browser... Grandma sees that pop up and
stops the transaction, rips the phone chord out of the wall and calls
her grandson. :-)
regards,
-joe
