[EMAIL PROTECTED] wrote:
The fact is many people think self-signed certs that make browsers give a
warning message about them are *bugs* in a web app.
Does this mean *every* little web app company needs to pay the "Verisign tax"
to get their server keys signed by them? That's kind of depressing and against
the values of the web it seems to me.
AFAIK, yes
All the apps have preloaded the root-certs of trusted signatories
If none of those root-certs are used to sign your sig, the warning is
popped up.
--
Michael O'Keefe | [EMAIL PROTECTED]
Live on and Ride an 06 BMW R12GS HP2 | [EMAIL PROTECTED] / |
I like less more or less less than |Work:+1 858 845 3514 / |
more. UNIX-live it,love it,fork() it |Fax :+1 858 845 2652 /_p_|
My views are MINE ALONE, blah, blah, |Home:+1 760 788 1296 \`O'|
blah, yackety yack - don't come back |Fax :+1 858 _/_\|_,
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
