[EMAIL PROTECTED] wrote:
Either way you have vulnerabilities. So what has PKI / SSL done for us?
Instilled a somewhat false sense of trust in the whining masses. I personally don't trust verisign/thawte/whatever as far as I can throw them. I'd rather roll my own CA and request my customers to enroll in it rather than spend the money on making verisign verify a certificate for me. Personally, I'd trust a company who had me enroll in their CA a lot more than a company who asks someone else to certify that they are who they say they are.
But, that's just me. -kelsey -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
