Server certificates

Dustin Decker dustind at moon-lite.com
Tue Apr 9 16:16:13 CDT 2002 

On Tue, 9 Apr 2002, Brian Densmore wrote:

> Anyone have one? Anyone know where to get them, without having to sell
> your firstborn? Anyone know of a project/CA to provide server certs
> for individuals/nonprofits, or interested in starting one up? I know I
> can sign my own, although last time I tried it didn't seem right, and
> then I am not part of some larger approval group.

Just generate your own silicon snake oil certificate, and instruct folks 
on how to verify it's from you by viewing it...  you can go so far as to 
have folks add the cert to their browser and the like.

This whole thing disgusts me too - primarily because being a root CA 
really only means one thing - "We manage our private key very well".  It 
doesn't speak very loudly towards the issue of trust. 

<rant>
I'm sure I'm just regurgitating "Secrets & Lies" written by Bruce
Schneir here, but there is a significant separation of technology and
trust where cryptography comes into play.  A small handful of folks like
verisign and the like may indeed be "trusted" and the like, but that
trust only goes so far.  When I pull out my visa and make a purchase on
the Internet, I'm counting on the ssl encryption to keep folks from
sniffing my credit card information.  Beyond that, I must trust the
folks I'm doing business with on-line to keep it secure after that.  
Some do a good job of this, others do not.

Ultimately, I fall back to the old brick and mortar trust methodology 
beyond this - I let VISA and their business methods keep me secure.  The 
fact is, if someone gets my credit card info by hacking EBay or the 
like, I'm only liable for $50.00.  (and in some cases not even that)

So - the ssl serves a purpose, keeping folks from sniffing.  Whether or 
not I think it is worth while to give a few hundred bucks to verisign or 
whomever to make it all happen, is worth considering at this point.  Do 
I need to give them money?  Not really - but I'll pass that debate on to 
the rest of you.
</rant>

Equally disgusted,
Dustin

-- 
Even in evil, we discern rays of light and hope, and gradually come to see, in suffering and
temptation, proofs and instruments of the sublimest purposes of wisdom and love.  - William
Ellery Channing

More information about the Kclug mailing list