Home page logo
/

webappsec logo WebApp Sec mailing list archives

Re: how to secure a commercial web site
From: Sean Radford <sradford () bladesystems co uk>
Date: Wed, 12 May 2004 08:47:48 +0100

While not directly appripriate to the thread... It's a shame the Simple
Public Key Infrastructure isn't in widespread use.

I don't suppose anyone knows of any SSL (or SSH) implementations that
support it?

Sean

On Tue, 2004-05-11 at 17:17, Jeffrey Weiss wrote:
You can generate your own CA for free, and sign the site cert against
this  CA, but it won't be recognized by the browser and therefore is not
trusted.
If you're doing commerce this is not good enough.
It will work for ensuring encrypted communications, but not "trust".
You have to pay for trust; the security part is free.
Jeffrey

On Tue, 2004-05-11 at 04:11, info () biledge com wrote:
hi,
i am trying to secure -SSL certificated- a commercial web site without using verisign, global 
sign, etc. it seems there is a monopoly an i want to be out of it. does anyone know a better 
way to secure the web site or do i have to pay money, (even) for security ?   
regards, bilur

-- 
Dr. Sean Radford, MBBS, MSc
sradford () bladesystems co uk
http://bladesys.demon.co.uk/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault