Slashdot Mirror

← Back to Stories (view on slashdot.org)

Thoughts for Thawte's Personal Certificates?

Posted by Cliff on from the scouring-for-opinions dept.

ShadowMaster asks: "Does anyone know (or had experience with) dealing with Thawte personal certificates. They are offered for free by Thawte, but I cannot find any reviews or consumer feedback on the matter. They ask for some interesting private information (SSN, DOB, etc.) so I was just curious if anyone has had any problems with the service, or if they are truly on the level." As most of you are aware, you have to be very careful what information you leave online these days. Does Thawte do their part in keeping what information you do give them out of third party hands?

4 of 9 comments (clear)

  1. Experience by oxygenated · · Score: 2

    I've used them for about two years now to sign my important email messages and it works great. As someone else put it, you are only as good as your weakest link -- this certificate only certifies that it is the same person sending the messages. If you want it to certify who you are, you have to build a "Web of Trust" by basically getting a notary, CPA, bank, etc to certify who you are.

  2. Re:SSN not private... by Kefaa · · Score: 3

    I spoke with the SSA and as they put it, Congress is a little far behind on this one. The law, as stated above, is businesses cannot force you to give your SSN. However they do not have to provide the service, equipment, etc. if you do not. [Color me vague here but does anyone see a difference but a lawyer?]

    BTW - SSA answered their phone in 4 rings, no queue, AND the person was friendly with information. Bonus them +2...

  3. Re:Thawte is now part of Verisign. by NNKK · · Score: 2

    except they should be "state secrets"
    they're desiged specificaly for FINANCIAL authentication
    unfortunitely their use has gotten out of hand
    it is actually against federal law for anyone to requier you provide them with your SSN if they're not your employeer or banker or the government, unfortunitely this is not enforced, and so it's used even for fishing licenses!
    the problem is, if someone gets your SSN, they can steal your identity entirely
    get a birth certificate, drivers license, credit cards, access to your bank accounts, etc.

    you NEED to keep the number secret and not give it out

  4. Thawte is now part of Verisign. by acceleriter · · Score: 2

    Thawte was purchased by Verisign awhile back. While I'm not sure whether that helps or hurts our ability to trust them, bear in mind that SSN + DOB aren't exactly state secrets anyway, and the sooner we quit pretending they are, the sooner people (like those at our banks) will quit using them to authenticate us. I've had a certificate for some time, having even gone to the trouble to gather trust points from one Thawte notary. I need to finish the job sometime.

    --

    CEE5210S The signal SIGHUP was received.