I couldn't agree more. Perhaps some of the other CAs (www.whichssl.org lists 9 total) don't impose this restriction, but the belief here is that they wouldn't have their root certs included with the major browsers. I'll see if some of the other CAs don't have this restriction. --Dan
On Fri, 11 Jul 2003 13:38:28 -0700, "Michael Halcrow" <[EMAIL PROTECTED]> said: > On Fri, Jul 11, 2003 at 10:06:56AM -0700, Dan Reese wrote: > > On Fri, 11 Jul 2003 09:58:36 -0600, "Andrew Jorgensen" > > <[EMAIL PROTECTED]> said: > > > Certificates are just files. There aren't any license restrictions on > > > them. So long as the name is the same it will work. IP address isn't > > > tied to them. You need 1 cert for each vhost, you can put the cert on as > > > many machines as you want. > > > > Actually, when you buy an SSL certificate there *are* licensing > > restrictions often imposed by the CA. It costs them nothing for us to > > put a cert on multiple machines, but they charge extra for it. :-) > > Huh? A certificate, by definition, is something that is supposed to > be copied, cached, passed around, etc. All it does is bind an > identity to a key (well, at least that's the way that certificates are > actually being used today). Just because the certificate finds itself > on more than one machine within one domain does not change its > functionality in any way. If CA's are claiming that they can legally > restrict how you use your certificates, then I would say that they are > out of line. They have no right to dictate that. > > Mike > > -- > ------------------------------------------- | --------------------- > Michael Halcrow | [EMAIL PROTECTED] > Developer, IBM Linux Technology Center | > | > I am in total control, but don't tell my | > wife. | > ------------------------------------------- | --------------------- > GnuPG Keyprint: 05B5 08A8 713A 64C1 D35D 2371 2D3C FDDA 3EB6 601D ____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
