Home page logo

webappsec logo WebApp Sec mailing list archives

Re: how to secure a commercial web site
From: Sean Radford <sradford () bladesystems co uk>
Date: Wed, 12 May 2004 08:47:48 +0100

While not directly appripriate to the thread... It's a shame the Simple
Public Key Infrastructure isn't in widespread use.

I don't suppose anyone knows of any SSL (or SSH) implementations that
support it?


On Tue, 2004-05-11 at 17:17, Jeffrey Weiss wrote:
You can generate your own CA for free, and sign the site cert against
this  CA, but it won't be recognized by the browser and therefore is not
If you're doing commerce this is not good enough.
It will work for ensuring encrypted communications, but not "trust".
You have to pay for trust; the security part is free.

On Tue, 2004-05-11 at 04:11, info () biledge com wrote:
i am trying to secure -SSL certificated- a commercial web site without using verisign, global 
sign, etc. it seems there is a monopoly an i want to be out of it. does anyone know a better 
way to secure the web site or do i have to pay money, (even) for security ?   
regards, bilur

Dr. Sean Radford, MBBS, MSc
sradford () bladesystems co uk

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]