[ale] SSL Certs for $14.95

Michael H. Warfield mhw at WittsEnd.com
Wed Apr 5 18:03:23 EDT 2006


On Wed, 2006-04-05 at 10:34 -0400, Geoffrey wrote:
> Christopher Fowler wrote:
> > Is it possible to get a cert for a host that has an IP Address but no
> > hostname?

	What would you use for the DN (Distinguished Name)?  That's what gets
compared to the DNS name in the SSL connection certificate check.  If
that DN doesn't match the host name at the time of lookup, you get an
error.  If you don't have a host name, what is going to be your basis of
comparison?

> I think not, but check out the site.

	CACert is also building a "web of trust" for their certification
services.  Almost a merging of the X.509 CA paradigm with the PGP web of
trust.  I've gone through the "certification" and am currently at the
maximum number of points I can acquire just by having others certify me.
I have to actively participate by certifying others to get any higher
scoring.  Maybe the next time we have a PGP keysigning, we can make it a
PGP / CACert certification and signing.  All the forms are on their
site.

	Oh...  And they are working toward getting their root CA included in
Mozilla / Firefox.  They're not there yet (at least not the last time I
checked) but they are undergoing the equivalent of an audit.

	Now...  If I could just get THEM to sign MY CA Cert...  That would be
cool...

	Mike

> > On Wed, 2006-04-05 at 09:32 -0400, Geoffrey wrote:
> >> Jim wrote:
> >>> http://www.litessl.com/
> >>>
> >>> Anyone dealt with these guys or know anything about them?  They say they 
> >>> cover 99% of the browsers, but I didn't a list anywhere.
> >> No experience, but you can get free certs here:
> >>
> >> http://www.cacert.org/
> >>
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
> > 
> 
> 
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 309 bytes
Desc: This is a digitally signed message part




More information about the Ale mailing list