On Monday 12 January 2009 09:28 pm, Roger E. Rustad, Jr wrote: > That's awesome, you took my bait, Jeff! > > In all seriousness, though... > > The certs that you sell are fully functional in client apps like > Thunderbird, IE, and FF? Why would one get a cert through you as > opposed to paying lots of money or doing it themselves. Who is the > ultimately authority on those certs?
Our Certs are issued by GeoTrust. I've sent you a URL to your email address. Note that this particular Certificate is signed with the MD5 algorithm using RSA encryption. GeoTrust has announced they've started to use the SHA-1 algorithm, but I haven't bought a Certificate since the announcement so I can't guarantee that. People pay more for Certificates because they believe it gives them better security; often a better warranty (our Certificates do NOT come with a warranty). Note that no warranty has ever been paid, and it never gets paid on a valid Certificate on a valid site; it only gets paid if someone buys a Certificate from the CA and then uses it to spoof a site. I was going to mention the warranty issues at the meeting, but the discussion went in a different direction. Jeff -- Jeff Lasman, Nobaloney Internet Services P.O. Box 52200, Riverside, CA 92517 Our jplists address used on lists is for list email only voice: +1 951 643-5345, or see: "http://www.nobaloney.net/contactus.html";
