I agree 100% with William Walsh and Robert Mathews on this one.
Bring on the QuickSSL certificates! :-) And I thought I'd add my $0.02.... Darryl Green [[EMAIL PROTECTED]] wrote: > If I order a set of Pirelli > tires from HayBobs.com (no slight intended if haybob really exists), I > forward payment and then never receive my tires. Hay Bob doesn't really > exist, none of the contact info in the whois is legit. I have no recourse. > If I gave them payment over a secure connection... I know who he is and can > seek recourse. Who actually prints out the server certificate contact information when making an online purchase? Nobody. Instead, you can/should verify identity and seek recourse through the payment method that you used. If you used your VISA card and Hay Bob had a merchant account, just call your bank to get contact info on Hay Bob. And they will provide the dispute resolution services though a charge back to boot! If you used PayPal, make sure that you ordered through a provider who has a "verified identity". This means that the contact information you see is the same as the contact info on their bank account. That helps you track stuff down and is as good as a verification that you will get out of any CA. Be careful when using a payment method that does not offer you this protection. When I order online I never say to myself, "thank god that the CA properly verified the business name of this entity," rather, I say to myself, "thank god that if I don't receive this product I can simply perform a chargeback and it's up to the provider to prove they shipped it." David
