Home page logo

nanog logo nanog mailing list archives

Re: X.509 Certs For Personal Use
From: Christopher LILJENSTOLPE <cdl () asgaard org>
Date: Sat, 18 Feb 2012 11:04:21 -0800

Greetings I'll +1 Chris's experience with startssl

On 18Feb2012, at 10.57, Christopher Morrow wrote:

On Sat, Feb 18, 2012 at 10:44 AM, John Peach <john-nanog () johnpeach com> wrote:
On Sat, 18 Feb 2012 14:27:05 +0100
Phil Regnauld <regnauld () nsrc org> wrote:

toor (lists) writes:
I use http://www.startssl.com/ for all my personal certifcates. I have
not had any issues with the validations (once you have an account you
can validate a domain by sending an email to a predefined list of
contact addresses) and the certificates are issued instantly.

      "Your request is being held up for review by our personnel".

      Up to 6 hours. Must be their definition of instant :)

It's nice to see that they actually do random reviews, rather than just
issuing everything requested. I use startssl and have not had anything
held for review.

I've had most of mine held, but almost always I get a response in side
of 20 mins. Really, what I care about here is:
 1) cert validates in almost all clients (mozilla/chrome/mail.app)
 2) controlled/secured by my key, not something made up on the server side
 3) not paying money for random bytes.

it works and eddy's pretty quick on requests.




Check my PGP key here: https://www.asgaard.org/~cdl/cdl.asc
Current vCard here: https://www.asgaard.org/~cdl/cdl.vcf

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]