Re: [SLUG] Webmail and self signed SSL certificate

From: Eben King (eben1@tampabay.rr.com)
Date: Wed Jan 28 2004 - 11:16:51 EST


On Wed, 28 Jan 2004, Douglas Koobs wrote:

> What are the security concerns with using a self signed certificate
> instead of one signed by Thawte or Verisign?

To me. a self-signed certificate (or one signed by an unknown entity, or
an unsigned one) has the same implications as no certificate at all. It's
you attesting that you are who you say you are.

> I'm assuming that since the only people that use this server are my
> family and friends, and they all trust me, that there is no need for an
> expensive signature.

Yes. IMO it's better not to use a certificate at all in this case, to
avoid the hassle and confusion of them clicking "OK".

-- 
-eben    ebQenW1@EtaRmpTabYayU.rIr.OcoPm    home.tampabay.rr.com/hactar

They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Ben Franklin

----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:32:19 EDT