[EMAIL PROTECTED] wrote:
The fact is many people think self-signed certs that make browsers give a
warning message about them are *bugs* in a web app.
Does this mean *every* little web app company needs to pay the "Verisign tax"
to get their server keys signed by them? That's kind of depressing and against
the values of the web it seems to me.
I read some years ago that self-signed certs are more secure as the data
encrypted by certified keys are accessible to those with access to the
key data from the CA (e.g. - the feds).
I never followed up on the story, nor have done any further research
into the credibility of the claim however.
PGA
--
Paul G. Allen, BSIT/SE
Owner, Sr. Engineer
Random Logic Consulting Services
www.randomlogic.com
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
