[ic] Quick Question

Mark Adams madams@cybernet.com
Tue, 10 Apr 2001 11:17:56 -0400 (EDT)

Last I checked, to have thawte consulting sign your digital certificate
was only $125 for the first year and $100 for each year after that.


Of course you can sign your own certificate, but most browsers will give a
warning message not recognizing that the certificate was signed by a
certificate signing authority (CSA).

Supposedly having a CSA sign your certificate guarantees that the CSA
exercised due diligence to show that your organization actually exists and
that the certificate was issued to your organization. So that when you
accept an SSL connection from the server of an organization that claims to
be located at 1600 pennsylvania ave, you can be assured that you are
actually doing business with an organization at 1600 pennsylvania ave.

Unless you have your certificate signed by Verisign, who is known for
signing multiple certificates without exercising due diligence. Such as
when they recently signed two certificates from a hacker claiming to be
Microsoft. Oops.

Mark Adams

On Tue, 10 Apr 2001, Jim Balcom wrote:

> On Tue, 10 Apr 2001, Jason Osborne wrote:
> JO>>I know this is totally off the topic, but I was sitting here trying to
> JO>>figure it out and since Interchange uses SSL I thought someone might know
> JO>>something about this. I noticed that I have a test certificate that came
> JO>>installed out of the box when I installed openssl. I was wondering how to
> JO>>get a real key, can I just make one or do I have to pay loads of cash each
> JO>>year for one?
> For starters, read the long message that I just posted.
> You can use the test certificate, but your customers are going to get
> continual warnings from their browser to the effect that you may be a
> phony trying to rip them off.
> You are going to need to buy a real key and renew it each year. Thawte
> is charging $225 per year for a cert (www.thawte.com) (Or, is it $250?)
> If you are going to do business on the internet you MUST have a cert,
> and it must be registered to a domain that you are doing business
> under. Otherwise, people will get complaints from their browser.
> Having a secure server and a cert is a GREAT investment. I had one for
> a year. When it ran out, I let it lapse for a year. During that time I
> received a couple of e-mails from people about my lack of a secure
> server, and their refusal to buy from me. On January 3rd, I put the
> secure server back up. Oct, Nov, and Dec sales were flat. January, the
> first month with a cert, they did a dramatic increase and they have
> been skyrocketing since. I made no significant changes to my methods of
> merchandising, or advertising. As far as I am concerned, that cert has
> paid for itself many times over.
> The internet is full of rip-off schemes, and plenty of people that are
> only out to get your money. People are scared, especially when it comes
> to putting their credit card on the line. They don't have too much to
> judge you by when they place their first order. But, 2 things that they
> DO want is a secure server, one that their browser is not going to puke
> on, or throw up warnings about; and they want their charge cards
> processed by that company. If you placed an order at Amazon.com and
> your credit card statement said that you had made the purchase at
> 'Podunk Processing', you should be concerned about what is going on.
> -= Jim =-
> ----------------------------------------------------------------
> Jim's Linux-Operated Underground Bomb Shelter
> ----------------------------------------------------------------
> Tagline for Tuesday, April 10, 2001 at 08:20 AM:
> Air conditioned environment - Do not open Windows.
> ----------------------------------------------------------------
> This Linux System has been up 14 hours  
> My web page: http://www.idk-enterprises.com
> ----------------------------------------------------------------
> _______________________________________________
> Interchange-users mailing list
> Interchange-users@lists.akopia.com
> http://lists.akopia.com/mailman/listinfo/interchange-users