On Thu, 16 Mar 2006 16:48:40 EST, Brian Eaton said: > I started digging around on Geotrust's web site looking for their > policy on issuing certificates and stumbled across a FAQ on > high-assurance SSL certificates. This sounds like a step in the right > direction.
Yes, that's a partial solution, for those clued enough to understand it... > http://www.geotrust.com/products/ssl_certificates/hassl_faq.asp Several of the CA's do similar things. And they're usually nice enough to use separate root certs for the various classes - so if you feel so inclined, keep their 'We sign high-assurance certs" CA listed, and heave the "the verification e-mail didn't bounce" CA over the side. ;)
pgpyp0vMpwPgX.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
