On Mon, Jul 22, 2002 at 08:45:38PM +0000, Christopher K. Neitzert wrote:
> Opencerts is about as valuble as using your own CA and generating your own
> certificates. Possibly more so for two reasons.
> 1. With opencerts there is a means to track who created the certificate by
> email.
> 2. The average user doesnt have to go mucking with openssl.
But by allowing Opencerts into your trust ring, you're giving the
"thumbs up" not only to your certificates but to all the other certs they
sign too, which in my mind makes it a lot worse than setting up your own
CA. Ryan's obviously done a lot of work to get this working, but wouldn't
it be a lot better to publish an easy to setup and run CA than to create
a very muddy, weakly authenticated certificate pool?
--
general wireless list, a bawug thing <http://www.bawug.org/>
[un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
