Friday, Friday, October 26, 2001, 1:55:54 PM, Darryl Green wrote: > Two: We have been looking at all manner of methods to make the verification > procedures as quick and pain-free as possible. This includes bringing this
This is only a part of the problem. Honestly, though, the QuickSSL method seems the best choice. We use this method to verify the OWNERSHIP of domain names during registrar transfers. That we trust something which is frankly much more important, since anyone can get a cert once they get the domain name, is one of the best arguments for using the same method to authenticate certificate requests. Lastly is price. This market would be HUGE if the resellers could market the product in the $69-89 range, and it would turn the market on it's ear. This is the more important issue. When the wholesale cost is $99, in this market, that's a sideline occasional sale item. Most webhosting customers are instead going with shared cert models at ISPs as a result, where the ISP can get a wildcard cert and spread the cost out over xxx customers. Yes, Geotrust's model is somewhat a break from the "traditional" CA model. But I think that is a recognition of the change in the way the internet is viewed and being used, and the dropping of what are, to most, deprecated and/or completely unknown meanings behind a signed cert. As for browsers, I've tested the FreeSSL product with IE6+, IE 5.5+ and IE 5.00.29+ and it does not give a cert warning. 5.00.23 and below do. Netscape does not have support for the FreeSSL, but my understanding is that Netscape 6.x MIGHT support the QuickSSL, I haven't tested that yet. Still IE5 and IE6 and the new MSN Explorer give a vast visibility for the QuickSSL product. As for the browser argument, I'm really getting to the point where I say, screw the browser maker's opinions. If you have a strong distribution network, you can easily get your root cert onto user's systems. Partner with popular shareware software makers to subsidize them somewhat, and in their software's install process, unless the user turns off the option, it will place your CA Cert into their browsers' configs. I'm at a point where I think it's Guerrilla marketing time for this industry. -- Best regards, William X Walsh <[EMAIL PROTECTED]> Userfriendly.com Domains The most advanced domain lookup tool on the net DNS Services from $1.65/mo
