[ic] SSL CA

Jamie Neil jamie at versado.net
Wed Aug 25 05:47:05 EDT 2004


rbragg wrote:
[snip]
> This is important info! I am not interested in chained certs. Sometimes 
> it is hard to do all the research right away! Also I was wondering what 
> the deal was with their "Warranties"?!? This seems to lurk in the shade; 
> Seems to me like you are signing rights away rather than truly 
> "trusting" them to present your to your clients!

Perhaps I am missing something here, but I can't see why people have a 
problem with chained certs.

Comodo use the Baltimore Technologies cert as their root which has 
pretty much the same browser compatibility as Verisign etc. Provided you 
have the intermediate certificate installed on your server then the 
customer shouldn't notice the difference apart from the branding.

The argument usually put up by the more expensive Authorities is that 
chained root certificates rely on "unstable roots" - i.e. the root cert 
that they rely on could be withdrawn at any time. Is this really going 
to happen?

I've been using Instant SSL certs on a number of sites for a couple of 
years now and as yet I have had no complaints from customers about 
compatibility. In the event that I _do_ start to have problems, I am not 
exactly locked in - I just move to another authority.

-- 
Jamie Neil | <jamie at versado.net> | 0870 7777 454
Versado I.T. Services Ltd. | http://versado.net/ | 0845 450 1254


More information about the interchange-users mailing list