Re: SSL Certs

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 50807
interpreted = N
texte = First any cert will allow you to provide a secure connection to your customer.the point of changing certs periodically and expiring old ones, is that if one does become compromised it can only be for so long.The point of a certifying authority is to have a reputable third party that establishes that the secure connection is with who it is intended. Problem is most people don't know who the certifying authority is. That is why thawte, verisign etc use the emblem that tells a customer that the connection is with the intended party. Still I don't think shoppers get it. I use Equifax they are cheap $88.00 but they really don't do much to verify me or my clients as a business. But they are a high profile name and so people feel comfortable with them and IE won't spit out those evil words.If you are an established business, ie walmart with an extensive customer base you could probably get by with a self signed cert, if your john's john shop, then you probably need someone else to lend validity to the fact that your doing the minimum to secure the shoppers info and probably won't run off with my money.On Friday, May 30, 2003, at 09:20 PM, Michael Davis wrote:> My question was more conceptual than technical. I see the issues of > secure transit and reputable business as having two differing > personalities. To liken to the 'real' world, I might find myself in > some seedy downtown fast-mart and not trust the guy behind the counter > with my credit card, but if I use a secure ATM in the corner I know > that I can buy my bag of chips and feel relatively sure that even if > the business owner is a crook, my bank account is relatively safe. To > turn to the cyber-situation, I have built up a considerable customer > base that knows that I'm a trustworthy business, who I would like to > dispense with the reputation side of things and focus only on making > sure that their data isn't sniffed in transit. I think the two issues > should not be so intertwined, or at least there should be a > friendlier, less alarmist way to accomplish a secure connection with > someone you know (or don't know, for that matter). If you know me and > trust me, I should only have to provide a secure connection between > you and me so that _others_ do not interfere with our relationship. I > want a secure cert that pops a warning that says we don't know who > Michael Davis is, but he certainly has a very secure, encrypted > connection that he's providing for your sensitive data. Proceed at > your discretion. Not this fear-mongering, insurance policy pleasing > crap that Microsoft deploys. Does that make sense? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] [OT] Multiple SSL certs on same server? (Stuart Tremain 2014)
  2. Re: [WebDNA] [OT] Multiple SSL certs on same server? (Dan Strong 2014)
  3. Re: [WebDNA] [OT] Multiple SSL certs on same server? (Stuart Tremain 2014)
  4. [WebDNA] [OT] Multiple SSL certs on same server? (Dan Strong 2014)
  5. Re: [WebDNA] [OT] economical reliable SSL certs? (Kenneth Grome 2009)
  6. Re: [WebDNA] [OT] economical reliable SSL certs? (Bob Minor 2009)
  7. Re: [WebDNA] [OT] economical reliable SSL certs? (bharrington@1choicerealty.com 2009)
  8. Re: [WebDNA] [OT] economical reliable SSL certs? (Stuart Tremain 2009)
  9. Re: [WebDNA] [OT] economical reliable SSL certs? (Donovan Brooke 2009)
  10. Re: [WebDNA] [OT] economical reliable SSL certs? (Marc Thompson 2009)
  11. Re: [WebDNA] [OT] economical reliable SSL certs? (William DeVaul 2009)
  12. Re: [WebDNA] [OT] economical reliable SSL certs? (Jeffrey Jones 2009)
  13. Re: [WebDNA] [OT] economical reliable SSL certs? (bharrington@1choicerealty.com 2009)
  14. Re: [WebDNA] [OT] economical reliable SSL certs? (Christer Olsson 2009)
  15. [WebDNA] [OT] economical reliable SSL certs? (Donovan Brooke 2009)
  16. Re: OT: SSL Certs ( Rupert Ravens 2005)
  17. Re: OT: SSL Certs ( Bob Minor 2005)
  18. Re: OT: SSL Certs ( Daryl Mitchell 2005)
  19. Re: OT: SSL Certs ( "paul" 2005)
  20. Re: OT: SSL Certs ( Donovan Brooke 2005)
  21. Re: OT: SSL Certs ( devaulw@onebox.com 2005)
  22. OT: SSL Certs ( Larry Hewitt 2005)
  23. Re: SSL Certs (Kenneth Grome 2003)
  24. Re: SSL Certs (Bob Minor 2003)
  25. Re: SSL Certs (Michael Davis 2003)
  26. Re: SSL Certs (Kenneth Grome 2003)
  27. Re: SSL Certs (Donovan home EHG 2003)
  28. SSL Certs (Michael Davis 2003)
First any cert will allow you to provide a secure connection to your customer.the point of changing certs periodically and expiring old ones, is that if one does become compromised it can only be for so long.The point of a certifying authority is to have a reputable third party that establishes that the secure connection is with who it is intended. Problem is most people don't know who the certifying authority is. That is why thawte, verisign etc use the emblem that tells a customer that the connection is with the intended party. Still I don't think shoppers get it. I use Equifax they are cheap $88.00 but they really don't do much to verify me or my clients as a business. But they are a high profile name and so people feel comfortable with them and IE won't spit out those evil words.If you are an established business, ie walmart with an extensive customer base you could probably get by with a self signed cert, if your john's john shop, then you probably need someone else to lend validity to the fact that your doing the minimum to secure the shoppers info and probably won't run off with my money.On Friday, May 30, 2003, at 09:20 PM, Michael Davis wrote:> My question was more conceptual than technical. I see the issues of > secure transit and reputable business as having two differing > personalities. To liken to the 'real' world, I might find myself in > some seedy downtown fast-mart and not trust the guy behind the counter > with my credit card, but if I use a secure ATM in the corner I know > that I can buy my bag of chips and feel relatively sure that even if > the business owner is a crook, my bank account is relatively safe. To > turn to the cyber-situation, I have built up a considerable customer > base that knows that I'm a trustworthy business, who I would like to > dispense with the reputation side of things and focus only on making > sure that their data isn't sniffed in transit. I think the two issues > should not be so intertwined, or at least there should be a > friendlier, less alarmist way to accomplish a secure connection with > someone you know (or don't know, for that matter). If you know me and > trust me, I should only have to provide a secure connection between > you and me so that _others_ do not interfere with our relationship. I > want a secure cert that pops a warning that says we don't know who > Michael Davis is, but he certainly has a very secure, encrypted > connection that he's providing for your sensitive data. Proceed at > your discretion. Not this fear-mongering, insurance policy pleasing > crap that Microsoft deploys. Does that make sense? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Bob Minor

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

WebCat2b13MacPlugIn - more [date] problems (1997) 2nd WebCatalog2 Feature Request (1996) Possible Bug in 2.0b15.acgi (1997) my price won't move (1997) gateway application timeouts (1998) CloseDataBase vs CommitDataBase (2007) WebDNA Partner edition .. (2002) # fields limited? (1997) WebCatalog Technical Reference (1997) RE: WebCat and image maps (1997) Help formatting search results w/ table (1997) possible, WebCat2.0 and checkboxes-restated (1997) Error Log.db --however (1997) Back to Authnet with storebuilder (2003) OT - royalty free images (2002) [UPPERCASE] (1997) Capitalize (2003) [WebDNA] WebDNA not running after 10.6.3 update (2010) Calculating multiple shipping... (1997) Robert Minor duplicate mail (1997)