[Date Prev][Date Next][Thread Prev][Thread Next][Interchange by date ][Interchange by thread ]

[ic] Re: ssl

Subject: [ic] Re: ssl
From: interchange-users@icdevgroup.org (Barry Treahy, Jr.)
Date: Tue Dec 3 18:00:01 2002
References: <003601c29b1a$8f1db920$6401a8c0@OFFICE> <978425510.6657.0.camel@nomercy>

Brandon Mercer wrote:

>On Tue, 2002-12-03 at 17:22, Stephen Atkinson wrote:
>  
>
>>Hi,  Will a home-made ssl cert work with interchange for testing  or must
>>you use one from a certificate authority?
>>    
>>
>That will work fine.  The only purpose a CA serves is letting the public
>know that the company that created the certificates is valid and that
>they can be trusted.  
>
Ah, actually that isn't right..  The purpose of obtaining a certificate 
from a known CA, among other things,  is for repudiation.  Without this, 
you have no legal standing assuring that a transaction occurred with who 
you thought it occurred with.  The CA also confirms that you, the owner 
of the cert, are who you claim to be so that a person starting an SSL 
session can know without question they are talking to the company they 
desire and not an impostor.  A 'free' certificate, while it can allow 
for the encryption process to occur, it cannot guarantee that party A is 
in fact talking to party B and not party C.

Barry

-- 

Barry Treahy, Jr  *  Midwest Microwave  *  Vice President & CIO 

E-mail: Treahy@mmaz.com * Phone: 480/314-1320 * FAX: 480/661-7028

Follow-Ups:
- [ic] Re: ssl
  - From: interchange-users@icdevgroup.org (Brandon Mercer)

References:
- [ic] Re: ssl
  - From: interchange-users@icdevgroup.org (Stephen Atkinson)
- [ic] Re: ssl
  - From: interchange-users@icdevgroup.org (Brandon Mercer)

Prev by Date: [ic] query built tabbed display... looking for "do once" tag
Next by Date: [ic] Re: ssl
Previous by thread: [ic] Re: ssl
Next by thread: [ic] Re: ssl
Index(es):
- Date
- Thread