David Woolley writes: > Actually I would expect the name on their root certificates, the > generic "Root CA" to send warning bells to anyone who was security > conscious, but not already familiar with them.
Anyone who is really serious about security will accept certificates only in person, by hand directly from site operators whom they have thoroughly investigated. But of no one is. The present Web certificate system is badly broken. It's about as secure as a locked convertible with the top down. It should never be relied upon for anything nontrivial. For that purpose CAcert is as good as anything else and better than most. -- John Hasler [email protected] Dancing Horse Hill Elmwood, WI USA _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
