Cheap SSL Certificates for Small Websites?

zaqattack911 asks: "In the workplace today it is becoming more and more common for everyday applications to be accessible over the web. Just about all the booking and tracking systems at my job are handled via web-apps these days. Along with this trend, is the increased need for secure transactions over the web. Just about all of the apps on my webserver are going to be SSL only. Some of them are for internal use only, some for the outside internet to use. Is there a cheap alternative to getting your certificates signed? Self signing my certificates works of course, but just about all browsers make a big fuss about it. Verisign asks for about 400$ initially, and 300$ to renew a certificate every year. This seems like a scam to me, and I'd love to know if anyone knows of alternatives out there? Is there a way to get around the certificate signing business? I looked at a company called RSA Security which allows a company to 'self sign' and use their accepted signature. The website doesn't mention the price, and I'm sure it's not very affordable. What else is there?"

although this sounds like an advertisment...

[r00tarded]

a bunch of excellent geeks I know use entrust.

Re:although this sounds like an advertisment...

[dildatron]

I just checked them out. Decent prices. Their prices are here for those who are interested.

Re:although this sounds like an advertisment...

[throbbingbrain.com]

Good deal. I wish Sun's Java Virtual Machine shipped with their root cert already installed.

Re:although this sounds like an advertisment...

[wanted]

...and they use a classic US-centric approach.
International prices are way higher, an approach similar to Verisign. For non-US customers, Thawte seems to be the best choice. Their root certificate is installed by default in many older browsers.

Re:although this sounds like an advertisment...

[Edgewize]

International prices are way higher.

Clue alert: CAN prices are not higher, they are in Canadian dollars. Hello? Are you there?

Re:although this sounds like an advertisment...

[RobL3]

We built our own PKI with Entrust products. Very good stuff. If they had a marketing department they'd be dangerous.....

Re:although this sounds like an advertisment...

[Mnemia]

Check again...click on the little link that says "International Pricing" and they give much higher figures in USD....

Re:although this sounds like an advertisment...

[RobL3]

First of all, they're a Canadian company. Secondly, it simply costs more to really authenticate most international entities. Of course they could follow Verisigns lead and issue certs to everyone and thier brother and thier brothers dog. Of course that would effectively negate the value of the Root authority. Hey wait....

Re:although this sounds like an advertisment...

[Edgewize]

I suck again.

Re:although this sounds like an advertisment...

[quacking+duck]

I used to work there, and there's a fairly good reason international prices are much higher.

Entrust is a company headquartered in the US but with the bulk of the workforce in the US. When applying for an SSL certificate, there's a very stringent set of rules set out by both US and Canadian governments that they have to follow in order to verify that the person requesting the certificate in fact represents the organization he/she claims to, and that the request for a certificate was authorized.

Verification requires three independent contacts within the requesting organization. These can be managers, sysadmins, billing, etc. All three need to be contacted.

Calling these contacts up can get expensive when you handle a lot of international orders. International information like addresses can also be difficult to verify halfway around the world, too, adding more costs. This is partly why Canadian prices scale up with the US exchange rate, but international ones are so much higher.

The OTHER reason it's a bit higher is that Entrust doesn't WANT to have to handle international verifications, preferring to pass that on to their affiliates located around the world. This way, customers place the order through the affiliated site (at a price that's supposed to be a fair bit lower than the international pricing Entrust itself offers), the affiliate handles the verification themselves. Since affiliates are located in the same geographic area as their customers, they're better qualified to judge whether the info is correct or not. Once the affiliate has verified the information Entrust issues the certificate.

So if you're not based in the US or Canada, check the list of affiliates to see if there's an affiliate in your country that offers lower "international" pricing. Don't mean to sound like a sales agent, but that's why affiliates are there.

Thawte

[JM]

They charge $199 for certificate, and have a pretty good service. I've been using them for years.

Re:Thawte

[gheidorn]

Thawte is definitely just as good as VeriSign IMHO.

Re:Thawte

[snubber1]

When the fuck did they start charging $199??
Last time I looked it was $125 first time, $99 renwal.

Greedy mother fucking bastard cum-lapping whore dicks.

I guess it suddenly became more expensive to take your money.

Re:Thawte

[the+eric+conspiracy]

Thawte IS Verisign - bought out a couple of years ago.

Re:Thawte

[Software]

I agree that Thawte is as good as Verisign. But they are a subsidiary of Verisign, so that's not too much of a surprise. They seem to operate pretty independently.

What is surprising is that their prices are cheaper than the parent company's. I like their SPKI program, which allows you to get 5 certificates for $500.

Re:Thawte

[letxa2000]

No kidding. I was expecting no paperwork to be necessary on renewal. In my dreams. They asked for an entirely different sent of annoying paperwork when I tried to renew, and had raised the price by about $40.

That pissed me off and got me shopping. Within 3 days I had my certs issued by InstantSSL. $49/year, no fuss.

Re:Thawte

[Sn4xx0r]

Hell, if I had mod points I'd give him the fifth :-)

Re:Thawte

[waterwheel]

You can get certs for $100US annually, and they work every bit as good as any other cert. You're really paying for the process the issuing company has to do to ensure 'you' are in fact who you say you are. They don't want to issue a cert to you that says you are MS, do they? (though it has been done....).

The $199 from Thawte may be worth it if you want the Thawte logo on your site. Their logo is pretty well recognized by consumers, other companies may have impressive logos as well that aren't as well recognized.

Re:Thawte

[Leolo]

Yes, Thawte is Verisign, however they offer cheaper certs. I've used Thawte for the last 6 years. I have 0 complains about them. They have live tech support over IRC and e-mail. They operate in many countries. They have good instructions for just about very SSL server out there, even some obscure ones. Once they rushed a cert for me in less then 24 hours. 200 USD for the cert, 150 USD for renewals. -Philip

Re:Thawte

[roguerez]

Been there.

In an earlier life I was 2:282/601.4

So what's the point? :)

Re:Thawte

[astro]

Grrrrr. I know this will get lost in a sea of comments,having come late to the game, but I have read all the child comments and none says it explicitly:

Thawte used to be a great alternative to Verisign, ***until Verisign up and bought them***!

The prices were raised in August (8/5) to 199. The customer service, while still answered with a "Thawte, can I help you?" is all Verisign, and it SUCKS.

I wouldn't sweat it, I don't post flamebait arguments, but I got so burned on a project that was supposed to be relatively fast - and would have been - had Thawteisign not had their heads so far up their asses.

I agree with so many other posters - really look at your situation, and see if you need simple trust between yourself and know parties, or whether you need blind trust from anonymous parties. If the former is the case, christ, generate your own certs. If the latter is the case, well, shit, maybe Entrust IS better (haven't used them personally) as others have posted, or maybe someone else will come up with a decent offering.

As it is, if what you need is the trust of anonymous users relying on what was installed with their browsers, you are, in my experience, more or less shit out of luck and will have to pay what I think is a damn SSL Cert cartel to get what you need.

I used to actually advocate and explain in lay terms to clients why SSL was worth the paltry sums - imagine the huge burden of both maintaining a constantly queried database of identities and actually verifying those identities! The thing is, Verithawte does neither reliably any more.

-- Bryan "fuckit they're coming to get me anyway so I will use plain text!" White

Re:Thawte

[Zak3056]

Greedy mother fucking bastard cum-lapping whore dicks.

Only on slashdot could the above EVER be considered "+5, Insightful."

Re:Thawte

[LordStrange]

When Verisign bougth them.

Re:Thawte

[tiberus]

Thawte's prices stayed the same immediately after Verisign bought them. It was inevitable that Thawte's pricing would begin to increase at some point.

Service and support has been great and after I learned that we have a Duns number most of the paper work went away.

GeoTrust.com rocks, and is cheap!

[CrudPuppy]

we use them for all of our commercial sites.

Re:GeoTrust.com rocks, and is cheap!

[CrudPuppy]

for got to mention, geotrust charges $119 per year (can get cheaper if you work deals with them)

Re:GeoTrust.com rocks, and is cheap!

[krusty_snart]

We've been using them, and they are cheap...

Especially for renewals ~100 US.

Might want to check.......

[tiwason]

The stories /. has already had on the topic....

Why Are SSL Certificates So Expensive? by Cliff with 192 comments on Sunday March 18, @04:48PM
http://ask.slashdot.org/article.pl?sid=0 1/03/18/18 55230&mode=thread&tid=93

Are FreeSSL Certs Worthwhile? by Cliff with 8 comments on Friday September 07, @11:50AM
http://ask.slashdot.org/article.pl?sid=0 1/09/06/04 51218&mode=thread&tid=148

Re:Might want to check.......

[ceejayoz]

You linked both to the second story. Correct links follow:

• Why Are SSL Certificates So Expensive?
• Are FreeSSL Certs Worthwhile?

Re:Might want to check.......

[LinuxSucksButt]

This whole topic has furthered my secret theory that Slashdot sucks with regard to screening of submissions. I am beginning to think they use a pseudo-random number generator to pick the winners. (What an egregious misuse of the word "winners.")

Not only is this a horribly redundant topic (as evidenced in the post to which I am responding), but the answer is readily available to anyone with access to Google. I've noticed that a sizable number of the responses to this question (other than unsolicited explanations of how CA trust works, and the atrociously redundant descriptions of the value of self-signing) seem to be people recommending cheap or free SSL certificate providers. While this might not strictly address the original question, the fact remains that typing "free SSL certificates" into Google will get you basically the same answer.

Maybe the question should be rephrased as: "How can I use Google to find cheap SSL certs?"

Certificate Services on Windows 2000

You can use it to create certs, and you can even add your organization to the browsers trusted organizations so the users don't get an error message.

Re:Certificate Services on Windows 2000

[RAMMS+EIN]

``add your organization to the browsers trusted organizations''
I wonder if that should read browser's or browsers'. In the first case this is sort of useless, as adding it to your browser still leaves your customers with an error message. In the (unlikely) event that the second case is true, it would be a fantastic way to obtain passwords, although it could also be used legitimately.

Re:Certificate Services on Windows 2000

[Conare]

You can also do the same thing with OpenSSL

QuickSSL

Rackshack.net has a link to a $49 QuickSSL certificate. I haven't used them, but it sounds like a good deal.

Re:QuickSSL

RackShack (an EV1 Company) has their Certs done by Geotrust

Re:QuickSSL

[Gravital.net]

I use the QuickSSL cert through rackshack for my cert. I know it IE4 doesn't like it (it gives a warning), but IE5+ and Mozilla have no problem with it. You can't beat it for $49/year

DirectNIC.com does SSL certs for $99/yr

Title says it all

Re:DirectNIC.com does SSL certs for $99/yr

[suicidal]

Actually, it's $118 annually.

$99 is the one-time gateway fee for setting up a merchant account.

Still, not bad.

Re:DirectNIC.com does SSL certs for $99/yr

[giberti]

Well, almost $99/yr, looks like inflation struck here...

Pricing Info states US$118 each, but still a nice agressive price.

No Real Options, Sorry

[sabat]

There aren't really many options, because the browser has to recognize the signer, and the major browsers only recognize Verisign (and Thawte, which is also Verisign).

RSA is the company that started Verisign, so you can guarantee they'll not be of help.

If this is a situation with a limited client base, like a company, you can self-sign and send everyone your CA certificate and have them all import it into their browsers (all browsers support this, I believe). But what a pain.

I wish the news was better, but you're right -- it's a scam. The problem isn't technical; it's political.

Re:No Real Options, Sorry

[namespan]

and Thawte, which is also Verisign

WTF? How? Do they get their service through Verisign, or are they held by Verisign now?

Arrrrg. Verisign is the hydra...

Re:No Real Options, Sorry

[stefanlasiewski]

Verisign bought Thawte about 2 years ago.

As I understand it, Thawte mostly deals with customers outside of the US (which has been their domain for years). Verisign mostly deals with customers inside the US and Canada.

I they they are mostly two distinct entities, with 2 different sets of managers (A few managers probably work both sides of the fence). The profits from both entities drop in the same bucket.

Thawte's support used to be much, much better then Verisign's support. Let's hope they spread the Thawte philosophy among the Verisignites...

Re:No Real Options, Sorry

[1984]

This is somewhat misleading. I bought a cert for a smal personal Web server from Comodo, since it was cheap (about $60). It works fine with (i.e. is trusted by) all 4.7x Netscape and above, all IE 5 and above.

The only point of buying one, after all, being that visitors aren't subjected to confusing warnings about certificates.

Besides that one certificate I haven't dealt with Comodo so won't recommend at random -- but they supplied the certificate quickly, cheaply enough, and it works.

Re:No Real Options, Sorry

[Slycee]

and the major browsers only recognize Verisign (and Thawte, which is also Verisign).

That depends on what you mean by "major browser." Take a look at the list of authorities that Mozilla recognizes, for instance (in prefs > privacy and security > Certificates). It's quite a large list.

Re:No Real Options, Sorry

[yer-man]

Netscape & IE also include long lists of trusted root certs from a number of different cert authorities. If you view these certs, you'll often find contact info (an e-mail address in the 'Issuer' field). Even fairly old versions of the browsers have fairly long lists with still-valid certs.

Re:No Real Options, Sorry

[lylonius]

Actually, you are mistaken.

Today's browsers (even the first SSL enabled browser, Netscape 2.0) recognized _dozens_ of certificate authorities. Besides Verisign and Thawte, there are RSA, Entrust, and others.

You are also mistaken that RSA started Verisign; RSA Security was the company that licensed the RSA public-key algorithm. They actually compete directly with Verisign as a CA.

To see for yourself:
(Netscape|Mozilla): Edit->Preferences->Privacy->Certificates
IE: Tools->Options->Content->Certificates

Re:No Real Options, Sorry

[terminal.dk]

Downgrade people's IE to something more than a month old, and use a free personal cert from thawte to sign your self issued server certs, and all is OK.

If people install patches, you must pay. Even Diners-club (Carte Blance) Denmark says their certificate is invalid with IE 6, and says to install their cert, or get an unsafe browser.

Re:No Real Options, Sorry

[God!+Awful]

You are also mistaken that RSA started Verisign; RSA Security was the company that licensed the RSA public-key algorithm. They actually compete directly with Verisign as a CA.

Check your facts before you post. RSA was in fact spun out of Verisign. Just because they compete now doesn't mean that they weren't ever affiliated.

-a

Re:No Real Options, Sorry

[Kragg]

Fool. that very article says that VeriSign was spun out of RSA.

Re:No Real Options, Sorry

[Patersmith]

Anyone know what it would take to be included in the major browsers default certificate list?

Re:No Real Options, Sorry

[Spackler]

Anyone know what it would take to be included in the major browsers default certificate list?

Money

Re:No Real Options, Sorry

[Permission+Denied]

send everyone your CA certificate and have them all import it into their browsers (all browsers support this, I believe).

No, IE for Mac Classic does not support this.

I tried the self-signed thing, but it's a HUGE PITA. Then I found that about a quarter of our users (those with Macs) could not import the cert.

I ended up writing a home-grown java-applet-based encryption thing. Works on all major browsers, doesn't require any support time (which was a huge deal, we were large and very decentralized), doesn't require computer-savvy user to import cert themselves, doesn't require dealing with a CA (which was also a big deal since we had 15 web servers that needed to run the exact same thing (long story)). We only needed encryption for a couple very specific transactions (not the entire session) and it worked very well.

Apropos of the ugly-URL story: this applet would take user input, encrypt it, encode it into base-36 and then redirect the browser where the encrypted string was passed via GET. URLs ended up being about 300 characters long and looked like this: http://site.com/x.php?c=897aasdf698sad897b789l2345 jkh3lk45h345 and so on. Worked beautifully :)

Re:No Real Options, Sorry

[NearlyHeadless]

Verisign (née Network Solutions) evidently forgot to renew NetSol.co.uk (shockwave audio).

Re:No Real Options, Sorry

[pjrc]

I ended up writing a home-grown java-applet-based encryption thing. Works on all major browsers, doesn't require any support time (which was a huge deal, we were large and very decentralized), doesn't require computer-savvy user to import cert themselves, doesn't require dealing with a CA

And probably doesn't have good security against imposters or man-in-the-middle attacks (other than security through obscurity). Just because you're encrypting the data doesn't mean you're sure the entity on the other end really is who they appear to be. For that, you need some trusted third party (the CA).

this applet would take user input, encrypt it, encode it into base-36 and then redirect the browser where the encrypted string was passed via GET. URLs ended up being about 300 characters long and looked like this: http://site.com/x.php?c=897aasdf698sad897b789l2345 jkh3lk45h345 and so on. Worked beautifully :)

Yes, it "works", in that it functions, but how secure is it?? It sounds like all the details of the algorithm AND the key you used are encoded in the java bytecodes you transmitted to the client. Because they have the applet bytecode, they could easily do some known plaintext trials. Perhaps you change the java applet's bytecodes to use a key key every time and then allow each one to be used just once and automatically expire after some time?

Even if your algorithm is strong and you're not always using the same key, there's no assurance that the string will be transmitted to the correct destination. You're entrusting that to the browser, which is in turn entrusting it to DNS.

That is the whole purpose of the cert and the CA (who's job it is to make sure the organization receiving the cert is "for real" and the info in the cert is correct).

Re:No Real Options, Sorry

[Flossymike]

And Opera, Preferences | Security| Certificates

Re:No Real Options, Sorry

[FTL]

> Today's browsers (even the first SSL enabled browser, Netscape 2.0) recognized _dozens_ of certificate authorities. Besides Verisign and Thawte, there are RSA, Entrust, and others.

Ok, lets take a look. I have a freshly installed Windows 98 system here. What does IE4 come with:

1. Verisign (expires 2010)
2. Thawte (expires 2020)
3. Microsoft (expires 2020)
4. ATT (already expired)
5. GTE (already expired)
6. MCI (already expired)
7. Keywitness (already expired)

So, those are your options. That's why I'm sticking with Thawte for now.

Re:No Real Options, Sorry

[RAMMS+EIN]

As I understand it, you don't have to be in the browser's default list. If you obtain your certificate from a company that is in the list, then all certs that link to yours will be valid, because the algorithm works up the chain until it either finds a recognized CA, or reaches the end of the chain. Correct me if I'm rong, though.

Re:No Real Options, Sorry

[drewcifer1]

Think about what you just said. Freshly installed version of windows 98. No wonder none of the other certificate authorities work.

Re:No Real Options, Sorry

[Conare]

Actually, a later post accurately refutes this.

Re:No Real Options, Sorry

[chef_raekwon]

are you dislexic?

Re:No Real Options, Sorry

[sabat]

The dozens of CAs in browsers -- I'm not surprised I'm wrong; I'm a little behind the times.

But RSA did in fact start Verisign. I know this because of close personal connections to the situation.

Re:No Real Options, Sorry

[Permission+Denied]

And probably doesn't have good security against imposters or man-in-the-middle attacks

Nice of you to assume that.

1. It uses public-key crypto. The public key is indeed built into the bytecode, but it would be much easier to simply download the .java file that I provide for the user to peruse. In order to use any kind of symmetric block cipher, that would entail finding a way to securely transmit the key, which would probably mean bidirectional communication, which means more work - so don't use symmetric crypto. I explained the parameters of the problem: only two transactions need to be encrypted from the client to the server (eg, user types in their password), so taking the performance hit of public-key crypto is not an issue.
2. It uses a very simple protocol (see if you can recognize this): along with the plaintext, client also encrypts their world-visible IP and a timestamp. Server decrypts ciphertext and makes sure IP matches up to the client that sent it and that timestamp is within a few minutes of the actual time. If Eve intercepts the communication, and is able to masquerade as client, she can only send duplicate transactions for a few minutes (due to the timestamp).

   Can you recogize this protocol? If you can't, perhaps you should think twice about immediately criticizing someone you don't know. (Hint: Kerberos v4).

   I actually added another bit to this: server also sends to the client an integer, which client sends back encrypted. Each time server sends the integer, it increments it, and when client sends that integer back, server compares that to a list of recently sent-back integers, so that prevents the above passive attack (which Kerberos v4 is susceptible to) - eg, in order to duplicate a transaction, Eve must prevent the transaction from reaching the destination in the first place, and even then she can only send that transaction once within a few minute window (after she has set up IP spoofing - which is not trivial). After all that work, all Eve managed to do is relay the transaction as if it reached the intended destination in the first place.

Of course I'm simplifying here since I've already typed enough (it gets a bit more complex because it correctly deals with NAT). Basic point is that you shouldn't make assumptions.

Thawte

[peterdaly]

Thawte may be worth looking into. They used to be a competitor to Verisign, although now I believe they are owned by them (what isn't?).

They have certs available for $199. Still not cheap, but better.

-Pete

It is a scam

[dnoyeb]

I say the same thing about signing my Java applets. Sun only puts Verisign or Thawte root certificates. So if you want to avoid your customers seeing some redicuouls

"Jesus!! this software is unsigned!!!"

message, then you gotta buy the certz. I am self signing right now. I would love if OSDN could have their own root certificate and let us public folks buy from them. Any malicious signers will be found out quickly so whats the big deal???

I think this signing thing is DRM in action. Nobody is realizing it yet.

Re:It is a scam

[ADRA]

"I think this signing thing is DRM in action. Nobody is realizing it yet."

I think everyone is realizing it, but doing nothing about it. It is one of those sticky technologies that can be used for good and evil. There is and always will be good uses for this technology like the way it is being used today, but on the other hand, forcing certificates on those that just want secure internet connections seems rather arguable to me, but since it is in spec there isn't much for us to do until I take a flame thrower to all the anal-monopolistic companies.

Just to clearify the DRM == cert part, I think the nature of DRM forces anyone who implements that security mechanism to use certs.

The real problem when internet connected devices become more pleantiful, and central authorities like Microsoft and Verisign start signing everything under the sun. Running a program on Windows 2004:

#bash
- Error 31337 -
Problem: This program has not been signed by an
application trusted provider.

Solution: Bend over and take it like the
mule that you are
-

#Format C:

- Error 31337 -
Problem: This program has not been signed by an
application trusted provider.

Solution: You can never escape us! MWAHAHAHAHA!
-

Re:It is a scam

[throbbingbrain.com]

At least newer jvm's will allow runtime acceptance of unknown certs with a yes/no dialog box on signed applets. Useful, but still irritating.

Re:It is a scam

[bigsteve@dstc]

I would love if OSDN could have their own root certificate and let us public folks buy from them. Any malicious signers will be found out quickly so whats the big deal???

The big deal is that without a cert issued by a reliable Certification Authority (CA), you don't know who the signer is, let alone whether he/she/it has a reputation for maliciousness.

Setting up as a CA in general and a root CA in particular is not simple. There are all sorts of security and auditting requirements that have to be satisfied even before the CA can start issuing certs. And for each Cert, the CA needs to check the identity / bona fides of the cert principal and the agent the CA is issuing the cert to. If the CA doesn't do all of the above, the certs are worthless.

Another problem (previously noted) is getting any new CA's root cert installed in the initial keystores of popular web browsers, JVMs and so on.

Re:It is a scam

[RAMMS+EIN]

``forcing certificates on those that just want secure internet connections seems rather arguable''
Right. That's a point I forgot to make in a previous post. Most of what I know about certificates comes from research I did in an attempt to offer users of my services a secure connection. Turns out the only way to enable https connections is by using certificates. Of course, I didn't want to fork out all this money just for test-driving the system, so I went for self-signed certs. This popped up a security warning whenever the secure connection was requested (unless disabled after the first time), in effect reducing people's sense of security instead of increasing it.

I see the point in using certificates. It's an excellent way to ensure the entity you're communicating with is in fact the entity you think you're communicating with (although, of course, CAs are run by people, and people are flawed). I see why certificates are expensive; there is a lot of work in deciding whether the requester is thrustworthy or not. Certificates are not my problem. My problem is: Why do we need them if all we want is encrypting communications?

Re:It is a scam

[Ben+Hutchings]

I see why certificates are expensive; there is a lot of work in deciding whether the requester is thrustworthy or not.

I'm sure the CAs would like you to think this, but that is not what they do. All they do is to check that the request came from an entity who has authority to use the identity being certified (for SSL, this is a domain name).

My problem is: Why do we need them if all we want is encrypting communications?

Well, you need to get the public key for the entity you intend to communicate with, somehow. Certificates make key distribution easier by allowing peers to verify public keys sent by the very entity they are trying to check the identity of.

Re:It is a scam

[dnoyeb]

For me the whole idea of Java is to put the hardware consideration on the JVM manufacturer. For the average programmer this saves them work. But for me in the Automotive industry I keep trying to explain to my company this means less liability for us.

I relate this to certificates because a CA can easily pass the buck on to the credit industry by simply letting everyone know the only thing required for a signature is a valid Credit card number. Credit cards can easily be tracked. In any event, this is all the security your average hacking programmer needs. Free software does not need anymore security than that. For my Fortune 100 company, I would recommend they use somebody they can sue if the certs are cracked.

Re:It is a scam

[Jonathan_S]

I would love if OSDN could have their own root certificate and let us public folks buy from them. Any malicious signers will be found out quickly so whats the big deal???

The problem with this scheme is that practically no browser implements an automatic check of a CLR, certificate revocation list. So all of these certificate issuing places have to place a lot of security upfront to make sure someone is who they say they are, because the cert issuer has no way to effectively revoke a certificate until it naturally expires. If you revoke a certificate but nobody knows then everyone thinks it is still valid, so discovering that someone is malicious does you no good because you can't yank their cert.

That is why microsoft had to release a patch for internet explorer to add a couple of fake microsoft certificates to a revoked list. There was no automatic way to do so!
Do you think Microsoft is going to issue a patch to revoke Joe Blows cert if OSDN discovers he is malicious?

Re:It is a scam

[bigsteve@dstc]

... a CA can easily pass the buck on to the credit industry by simply letting everyone know the only thing required for a signature is a valid Credit card number. Credit cards can easily be tracked. In any event, this is all the security your average hacking programmer needs. Free software does not need anymore security than that. For my Fortune 100 company, I would recommend they use somebody they can sue if the certs are cracked.

It a CA were to issue identity certs to anyone who could provide a credit card number, those certs would be worthless. At any given time there are probably thousands of stolen credit cards / numbers in circulation whose owners havn't noticed to be missing. Obtaining a fake cert would be trivially easy. Even if the cert were revoked, many people could be tricked.

A CA that did this would have a hard time passing the blame to a Credit Card company. I'm pretty sure that the Credit Card company's liability starts and ends with guaranteeing that financial transactions are completed as per contract(s).

Frankly, I can't see any point in anyone using a cert from non-trustworthy CA. You are better off using a self-signed cert on your web-site.

ssl webhost won't work?

[dildatron]

I would just go for one of the thousands of web hosts that give you some sort of SSL package. Unless you need your very own certificate, they are definately the way to go for the small business because the host purchases the stuff and just charges you a small fee.

If this is not acceptable for your situation, then I am afraid you have to bite the bullet and front the money.

But don't get lost in the middle - remember the whole reason you are using SSL is for security. Whether the certificate comes directly from you or your webhost doesn't really matter as long as it is secure. That's why I would recommend that you let them pay for it and disperse the cost among their users.

Re:ssl webhost won't work?

[anthony_dipierro]

I would just go for one of the thousands of web hosts that give you some sort of SSL package.

Then everyone else sharing your certificate can hijack your connection.

Comodo - $49

[wooft]

Comodo

You can even get a free 30-day trial cert.

Re:Comodo - $49

The free cert basically only works with IE. They claim IE has 95% of the market share, but I guess that depends on the type of website you operate...

Are there actually limitations on that free cert? E.g. are you required to buy the 'real' cert? With other words, is it a 'get 3 months free if you buy one year' scam?

Re:Comodo - $49

[wooft]

I've tested the trial cert. in Netscape 4, Opera 5, MSIE 5, and mozilla. They've all worked just fine. It is currently installed on a live website, 28,000 hits, 4 days, no complaints. Now, they have changed their intermediate recently, things probably changed since your experience.

No limitations on the free cert. No strings attached. It does expire after 30 days, though.

There really is no reason a CA must charge hundreds of dollars for these things. Up until recently it has been monopoly pricing (Verisign *spit*)

Tucows

[Leme]

Tucows also does this:

http://resellers.tucows.com/opensrs/certificates /

Quite affordable plus you can become a reseller.

Re:Self-sign

That's not a very safe attitude for "people" to take. How can they be reasonably certain the remote server is actually who it says it is if the cert is self signed?

Re:Self-sign

[Raskolnk]

I would agree, but I can't get IE to install the certificates permanently. I click through the install dialogue every session, but it never sticks. Mozilla is fine after the first run.

SSL worthwhile?

This is just kind of a question, really... Because you bring up an interesting one with the whole 'click-through instruction' thing: How effective are certificates and SSL, anyways?

If people accept any certificate because don't know what one is, and just want their effing content? If the sites using SSL are not keeping current versions, that is, are vulnerable to exploits anyways?

Re:SSL worthwhile?

[williewang]

The short answer is yes.

Generally speaking, sending stuff in the clear is bad juju. And though many here have criticized the previous advice of 'just click through the warnings', the reality is, that's what happens in an intranet situation--particularly with home-grown sites and webUI appliances. Who is really going to go to all the trouble and enormous expense of creating a SAS-70 proof pki and then getting their CA cert embedded in browsers--only to have to wait a few years until it's populated into userland browsers?

Is it perfect, defensible in a 3rd party audit, and sound? Not really, no. But it's a great improvement over clear text. And, how many people here really demand and examine the fingerprint of an ssh server? The truth is, you just know it's not telnet and that's a hell of an improvement.

Particularly with 133t 4ax0r wannabes working internal help desks and NT administration with their packet sniffers going, I would say some encrytpion is much better than none.

General rule: for intranet and non-customer facing, home-grown certs are ok--for truly sensitive things (employee health records, payroll, etc.) and externally facing things--spend the money on an ssl cert.

YACSC

[decarelbitter]

(Yet Another Certificate Selling Company)

Take a look at Domainmonger, they sell them for US$ 150.

Thwate

[nelsonal]

Thwate is a Verisign company who used to charge lower prices for what ends up being a Verisign certificate. Last time I checked they were about half the price of Verisign. An alternative company is Baltimore Technologies. One of the main reasons to go with a known player is that their certificates are already in browsers, and they tend to do some background checking to ensure that your business is legit. Anyone can create SSL certs, it helps to be able to point to a name your customers will recognise, as a method to add credibility to your business.

Re:Thwate

[madcoder47]

It doesn;t seem like a scan, just appears to be a reseller. Read the fine print. From thwate.com, "© Secure Hosting Limited, providing secure server hosting and reselling Thawte SSL certificates to our clients. This site is not owned by Thawte."

Re:Thwate

[Spy4MS]

Depends on your definition of 'scam'. Another company profitting from a misspelling of Thawte's name seems like a scam to me, especially when Thawte's name is all that they have to sell.

And the fine print was in a font so small that it wasn't legible at 1024x768. Does it still count?

Cheapass trusted SSL certs

[pablos]

You can purchase a ridiculously cheap ($50) 128bit SSL cert, trusted by browsers from http://www.geotrust.com

All you need a valid credit card to get a
cert. The CA key is loaded in almost all of the browsers, the notable exception being Opera.

They do send a 'auth check' by emailing the domain admin contact you can select.

The entire ordering process (including filling out forms) takes less than about 5 or ten minutes.

This should SCARE you if you're relying on the security provided by Veri$ign and the root that ship with browsers. - pablos.

Re:Cheapass trusted SSL certs

[Letnux]

I think you are a little off... I just went to there website and a 128bit QuickSSL Web certi si $119 Is there something I am missing?

Re:Cheapass trusted SSL certs

[God!+Awful]

If I go to a page and an applet pops up that says "You are about to run an app signed by foo.com. Geotrust asserts that this really is foo.com" I'm going to say "who the hell are Geotrust" and hit cancel.

-a

Re:Cheapass trusted SSL certs

[letxa2000]

Most (normal) people don't even know that businesses with secure pages have supposedly been "verified." Thus it really doesn't matter who you purchase the certificate from as long as it doesn't pop-up a browser warning. No-one is going to do business with a site they don't trust. It's not like you go to a site, and say, "Wow, these guys look real shady. But heck, they have a Verisign cert, ok, no problem." That doesn't happen.

Building trust is an issue between the website and their potential customer. If the customer trusts the site, they're going to buy regardless of who signed the cert. If they don't trust the site, they're not going to buy regardless of who signed the cert.

Verisign and Thawte are, for obvious reasons, trying to promote the idea that their certificates cost more because users somehow trust their verification process more. That is BS. No-one cares because each individual person decides whether or not to trust the website in question.

In reality, all people want out of SSL is encryption. The decision to trust the business in question is always going to be the customer's and that decision will not be influenced by who signed the cert.

Re:Cheapass trusted SSL certs

[IPDaddy]

Since an "auth-check" is made instead of the more typical organization check, if you view the subject information for the certificate you will see something like this:

CN = www.yourdomain.com
OU = Domain Control Validated - Organization Not Validated
OU = See www.geotrust.com/quickssl/cps (c)02
O = www.yourdomain.com
C = US

In this case, if you feel your subject info must past scrutiny you are out of luck. The cheapest cert they have which works in almost all browsers and doesn't show this message is the "true businessID" which costs $229.00 for a new cert or $159.00 a pop for renewals.....Oh, and for this "low price" they make you agree to display their advertising icon crap on your page. I never do, and they don't seem to know. I will say this though, they are much easier to work with than those assholes at Verisign, and have a very responsive support team. These guys always seem to be cleaning up after these little marketing glitches with refunds and re-issues after the truth is realized about why they offer such a cheap cert.

Didn't take long after rolling my own with openSSL to realize what a power/money game the cert business is!

Re:Cheapass trusted SSL certs

[OsamaBinLogin]

> Building trust is an issue between the website and their
> potential customer. If the customer trusts the site, they're
> going to buy regardless of who signed the cert.

Makes a lot of sense to me. How often do you get ripped off by an impostor site with a bogus certificate? Like, never. How often do you get ripped off by a real company (all certs in order) selling a mediocre or broken product? Much more often.

Re:Cheapass trusted SSL certs

[lspd]

"In reality, all people want out of SSL is encryption. The decision to trust the business in question is always going to be the customer's and that decision will not be influenced by who signed the cert."

This just begs the question...why? Why doesn't the BBB or some similar consumer protection group issues certs? None of the certification authorities mentioned in this thread give a damn about consumers, and that's no great secret. So if I see a verisign cert, your right, it has no bearing on the quality of the merchant...but if I see a BBB cert, I could reasonably assume it's not some fly by night rip-off artists.

(Before you even say it...yes, I know the BBB is funded by retailers, and has ignored consumer complaints in the past.)

Re:Cheapass trusted SSL certs

[jonbrewer]

If I go to a page and an applet pops up that says "You are about to run an app signed by foo.com. Geotrust asserts that this really is foo.com" I'm going to say "who the hell are Geotrust" and hit cancel.

In your comment you refer to a signed applet, which is quite a different thing from an SSL session. (the topic of discussion)

When your browser establishes an SSL session with a server, the only thing you see is a little lock icon and the fact that your URL is https and not http. Your browser won't establish the session if the server's certificate isn't trusted and valid. (Netscape and IE automatically trust certificates issued by several vendors) It's transparent to you.

This means that an SSL certificate from Geotrust is probably a very good thing, as browsers trust it and users will never need to know who Geotrust is.

An applet requiring permissions to play outside the sandbox, or in other words to fuck with your computer, will always ask your permission before doing so. The person writing the applet doesn't necessarily have to be a good or honest person, they just have to be who they say they are in order for Verisign or anyone else to allow them to sign their applet.

(this means stay away from anything that asks permission to install on your PC unless you have complete trust in the source of the app.)

Re:Cheapass trusted SSL certs

[flynn23]

maybe not the BBB, but perhaps something like Consumer Reports or another watchdog-like group.

Re:Cheapass trusted SSL certs

[jcam2]

A certificate says nothing about the quality of the website or the business behind it - it just proves that the SSL connection has not been hijaaked. Some having some consumer group issue certs makes no sense.

Re:Cheapass trusted SSL certs

[lspd]

"A certificate says nothing about the quality of the website or the business behind it"

All I'm saying is that it could, rather simply.

Just for a moment, imagine that the BBB honestly put the put the protection of consumers as it's first priority.

Now imagine I have a website www.cheapasscomputerparts.com that's listed on Pricewatch. There are, of course, plenty of scammers and upsell artists on Pricewatch, and I want to differentiate my site from them, so I apply to a BBB "Consumer Friendly Merchant" program. After reviewing my site and my business methods they give me a nice little BBB logo (which, of course, anyone could fake) and a BBB cert for my shopping cart (which shouldn't be fakeable and should expire in a reasonable timeframe, let's say monthly) If the BBB starts getting a bunch of complaints about my site they can simply stop renewing my cert. As long as I have a BBB cert you know that my site was endorsed within the last month.

I don't know about you, but I'm getting a little tired of having to locate products on Pricewatch, Dealtime, BizRate, MySimon, etc then google around looking for consumer experiences with the companies that are listed. And, of course, you have to bear in mind that it's trivial to fake positive reviews. A consumer protection group could do much more to keep merchants honest, and a cert would be a great way of conveying that.

Re:Cheapass trusted SSL certs

If I open my browser preferences, and view the certificate list, I see a text saying something about "the list of certificates you trust". Looking at the list, I see names like Verisign, and think "Why the hell should I trust a company named Verisign", and hit delete.

Re:Cheapass trusted SSL certs

[dnoyeb]

That is a very important point. People may be engineered to believe a Trusted site means the site is reputable, versus only meaning the site is exactly who they identify themselves as.

When will customers ever comprehend that a site could put a "BUY WITH PAYPAL" button on their site, but when you push it, it only goes to a fake paypal site to steal your login info. Customers just don't understand that reality.

Re:Cheapass trusted SSL certs

[BroccoliGod]

http://www.resellerratings.com

Re:Cheapass trusted SSL certs

[God!+Awful]

In your comment you refer to a signed applet, which is quite a different thing from an SSL session. (the topic of discussion)

It's not a completely different topic, since the same certs are used for both purposes. I checked my browser's configuration today and I was shocked how many root certs come preloaded. Lots of stuff from other countries. How do I know that some random cert issuer isn't going to get bought out by the Russian mafia.

Say what you like about Verisign, but at least they are a large company that is concerned about its image. AFAIK, they go through some steps to verify that you are an actual registered company with a legitimate street address, unlike the 10 minute sign-up form the OP mentioned. When Verisign issued those fake Microsoft certs it was a big scandal; if Geotrust had done it, would we have even heard about it?

Luckily, DNS provides a good second wall of defense against these sorts of attacks, but it's not perfect. Let's say you're surfing the web and someone recommends a book that interests you. It's the Onion Ad Nauseam with the customary link to Amazon.com (http://www.anazon.com/exec/obidos/tg/detail/-/140 0047242/ref=ts_bh_1_8//103-0748334-6971015?v=glanc e&n=283155). Do you always check to see if Amazon.com might be misspelled? Normally I couldn't care less whether I'm browsing securely or not, but when I'm getting ready to place an order, I always check for the little lock in the frame of my browser.

Incidentally, if you do decide to check out anazon.com, you might want to turn Javascript off first.

-a

Free root cert project

[kylegordon]

You may find what you're after over at http://www.cacert.com The creator of this website believes that trusting someone should be free, and is doing his best to make this happen.

Re:Free root cert project

[Gordonjcp]

You shouldn't piss off the nurses in the Genito-Urinary Medicine clinic then, should you? I warned you, they can really do painful things to you in the name of "treatment"...

Re:Free root cert project

[V.+Mole]

Nice idea. Unfortunately, the MD5 fingerprint on the root certificate doesn't match what the webpage claims it should be. This leads to doubts...

I suspect what happened is that they issued a new certificate on September 15th, and forgot to update the webpage. But that kind of sloppiness is not reassuring, and the fact that nobody has fixed it in 17 days indicates that it's probably not very widely used. (And yes, I e-mailed the webmaster about the problem.)

Re:Free root cert project

[kylegordon]

I'll pester him even more about it then ;-)

Re:Free root cert project

[V.+Mole]

Good. You can also bug him about not having a useful webmaster address, or other contact information on the site. E-mail to both webmaster@www.cacert.com and webmaster@cacert.com bounced:

webmaster@cacert.com: host mail.mediadome.net.au[210.8.208.1] said: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

Re:Free root cert project

[dnoyeb]

That is a nice start, but why support the M$ monolopy which Netscape/AOL does not seem to be interested in breaking. Why support the M$ keystore is what I mean???

Why is he doing stuff that is already free and popular in PGP. He is only offering mail certs. When he offers beyond mail certs, then I will be happy to see it. But im not knocking him, hes done a good job.

Easy one

[shurdeek]

There is a nice page, http://www.whichssl.com. Through the comparison tables there I found comodo's http://www.instantssl.com. I generated a demo certificate first and after I had no problems with it, I bought it. For $49 a 128 bit, not 40. Recommended.

InstantSSL

[aldjiblah]

Just switched from Thawte (adding $100 each year for your certificate services is NOT a good way to hold on to your customers, Thawte!) to InstantSSL.

At $49 a piece for standard certificates they're the cheapest my company could find when we went looking last month. So far I have no problems recommending them.

Re:InstantSSL

[Snap+E+Tom]

I'll vouch for InstantSSL/Comodo. I'm using it on a local non-profit site. $49/year gets you a 128 bit certificate. They've got a 30 day trial program, and their support staff was very helpful when we had a problem.

Re:InstantSSL

[letxa2000]

I just switched from Thawte to InstantSSL, too. I didn't even know there were cheaper alternatives now available until I had a run-in with Thawte over their procedures during my renewal process, which caused me to go shopping. Saved some good money in the process.

I started an online store on my site in September 2001. At the time I couldn't find anything cheaper than Thawte. I went through all the paperwork hassles, process, etc. and eventually got one--though it was issued to me personally because they had weird requirements to prove my business existed (even though it was listed in DUNS, has been in business since 1993, etc.).

Last month it was time to renew. I wasn't looking forward to it but I figured I'd just be able to pay the bucks and be done. But NO, Thawte presented me with a whole new set of documentation that I had to provide. Never mind it was just to prove that I exist personally since the certificate was issued to me as a person, not the company. Never mind we had already gone through this the year before and nothing in the certificate was changing.

I got supremely pissed off and did some searching. Found InstantSSL by Comodo. The standard cert is $49/year with discounts available if you purchase more than 1 year at a time.

A little skeptically I signed up with them. I had my certificate the same day with no need to provide paperwork because their system was able to establish the existence of my company. And it was registered to my company (as it should be), not to me personally. Pleased with their service I purchased another certificate for another site I'd been meaning to get secured--since they already had certified my company that cert took about 2 hours to reecive.

I gave Thawte the 1-finger salute. I asked for a refund for the renewal I had initiated and purchased 2 years with InstantSSL for less than I was going to pay Thawte for 1 year. This is even better since Thawte is owned by Verisign, so by going to InstantSSL I effectively am free of Verisign. Always good.

I highly recommend InstantSSL. It's the Godaddy of SSL certs. :)

Re:InstantSSL

[Bakafish]

I use them too, they were very helpful. I use the same cert for my courier secure-imap server as well. I bought the 3-year certificate for $125. Quite a good deal.

Re:InstantSSL

[mino]

I just switched from Thawte to InstantSSL, too

Great idea. Thawte have just jacked up their prices by hundreds of percent: SGC certificates (what Thawte call 'SuperCerts', and which are almost mandatory for any company really serious about security) gone up from about USD200 to about USD340 (USD300 just for a renewal), but now you need to license your certificates if they are to be used on multiple machines.

Got several identical web servers behind a LocalDirector- or Big/IP-type device, all needing the exact same certificate? Sure, export the cert from one web server, add to the others. Now, Thawte want to sting you for a licensing fee (there was never formerly such a fee). And it's enormous. Check it out, it's well-hidden.

Oh, and InstantSSL?

Browser Compatibility:
Internet Explorer 5.00 and above
Netscape 4.x and above
AOL 5 and above
Opera 5 and above

Where's IE4? Oh... hmm. It's not there. Once again, not really good enough for someone who needs ubiquity.

And, as far as I can see, Thawte and Verisign no longer offer real PKI structures, where they sell you a root cert to sign your own certs. So if you have a lot of subdomains, you're SOL.

What a rort.

Re:InstantSSL

[letxa2000]

Where's IE4? Oh... hmm. It's not there. Once again, not really good enough for someone who needs ubiquity

Have you checked you weblogs? How many hits do you get with IE4 browsers?

Re:InstantSSL

[aldjiblah]

It's worth adding to this something I'm sure you're fully aware of, but which probably isn't understood by everyone: if you do not need the verification offered by a browser-supported CA, you can sign your own certificates (for free, of course) and still get the exact same encryption and, indeed, security.

Great for everything but the situations where you need your customers to hear from someone else that you're really you.

Learn how to do it.

Everything you need to be a certifying authority

[Chuck+Chunder]

comes with openssl. It even has a nice perl script to make it easy.
What Verisign and co have that you don't is their root certificates installed with the browsers by default. For internal use you should have no problem using your own certificates. For external use, where an existing business relationship exists (ie you aren't selling to the public, but to people who can trust your cert because they know who you are) it should take little more than a quick explanation.

It's not as much of a scam as you think.

[antis0c]

Sure we all hate VeriSign for all kinds of reasons.

However when you get an SSL Certificate from VeriSign and some of the other Cert signers out there, you are getting two things.

The most commonly understood thing you are getting is the encryption thats automatically accepted by just about any modern browser. However, the reason it's automatically accepted is because VeriSign is suppose to verify the identity of the business. This is why they require a Duns and Bradstreet # (It's a business credit identifier). This way you know when you're going to https://secure.yourdomain.com to enter your credit card information, that you are indeed still on yourdomain.com and that your information is encrypted, and verified to be sent to the company you intend to send it to.

So if all you are concerned about is encryption, just generate your own. It will however throw a warning in just about any browser that the identity of the site can't be verified. Other than that, cost of this service isn't going to drop very dramatically without losing its verification services.

I understand though, that browser warning annoys me too.

Re:It's not as much of a scam as you think.

[g4dget]

However, the reason it's automatically accepted is because VeriSign is suppose to verify the identity of the business. This is why they require a Duns and Bradstreet # (It's a business credit identifier). [...] Other than that, cost of this service isn't going to drop very dramatically without losing its verification services.

That would be a fine argument if they actually do any significant verification. My impression is that they don't.

I think it's foolish to rely on VeriSign or anybody else to guarantee that the company on the other end is who they claim they are. And you don't need that anyway--you don't get that protection for mail order either, and, besides, lots of people can get your credit card number without all the hassle of setting up a web site.

What matters ultimately is the money trail: not VeriSign, but MasterCard, needs to know where your money went and get it back for you. That's their responsibility as credit card companies.

Re:It's not as much of a scam as you think.

[borud]

However, the reason it's automatically accepted is because VeriSign is suppose to verify the identity of the business. This is why they require a Duns and Bradstreet # (It's a business credit identifier).

knowing your social security number does not make me you. it makes me someone who knows your social number. nothing more. nothing less.

while a lot of people seem to think they know the mechanics of cryptography pretty well (and probably do), there still seems to be a lot of people who aren't really in the habit of thinking where security supposedly comes from in any given scheme.

Re:It's not as much of a scam as you think.

[antis0c]

I agree. Thats why I said "VeriSign is suppose to" and not "VeriSign does". Obviously they don't, remember the whole fiasco with them giving out a cert to someone posing as Microsoft? I'm just saying, thats the idea. I don't agree with it. :)

Re:It's not as much of a scam as you think.

[letxa2000]

Definitely. I didn't even know "SSL certificate" supposedly meant the company had somehow been verified by some authority. I thought it was just secure communication until I went to get a certificate for my site.

It's silly. I think very, very few people (non-geeks) even know that when they see the "little padlock" it means the company they are talking to is supposedly verified. I think everyone evaluates the business they are thinking about ordering from BEFORE they even go to the SSL stage.

Further, the verification process of Verisign/Thawte is easy to get around. It's easy to get a cert assigned by them if you're willing to lie/forge. On the other hand, it's a damn hassle if you want to do their process honestly.

In the end, a user won't know if the certificate was acquired by someone lying/forging or by a company honestly going through the hoops.

As you said, it comes down to Visa/Mastercard. All users want is encryption, they don't trust Verisign to say "yeah, they're for real." They'll make that evaluation themselves. The only reason anyone pays for an SSL certificate is so that users don't get "certificate warnings" when they access the site.

Re:It's not as much of a scam as you think.

[_Sprocket_]

It's silly. I think very, very few people (non-geeks) even know that when they see the "little padlock" it means the company they are talking to is supposedly verified. I think everyone evaluates the business they are thinking about ordering from BEFORE they even go to the SSL stage.

I suspect many end users are more confused about the issue than even that.

Back when the PS2 came out, there was a number of scams popping up to feed the buying frenzy (and short supply) for the devices. I was rather amazed at how often people cited a Verisign certificate from a questionable website as verification that the business was legitimate. Granted - it could have been a kind of astroturf compaign by the scammers to further a false sense of legitimacy. But years of dealing with end-user issues has me believing that these were genuine users confused as to what a certificate does, and does not, mean.

Re:It's not as much of a scam as you think.

[muzzmac]

In my experienced they have rung the "Organisational Contact" by ringing the publically advertised corporate phone number.

That is a arguably more difficult to fake than the above.

Re:It's not as much of a scam as you think.

[fishbowl]

"You don't get that protection for mail order either"

Well, undetected, easily accomplished man-in-the-middle is not quite the same risk as it is on the web. Also, there is protection available for mail order: Certified and Registered mail, and, the stiff criminal penalties that exist for mail fraud.

Re:It's not as much of a scam as you think.

[feronti]

You can also just submit the incorporation paperwork, and they will accept that as proof that you are the organization you say you are. That's what we used at work, because we don't have a Dun & Bradstreet number (we're a member-owned, non-profit credit union... not sure if that's the reason or not, just know the accounting manager looked at me funny when I asked for the number when I renewed our cert this year... previous management had not documented our challenge phrase, so we had to start over from scratch).

Re:It's not as much of a scam as you think.

[bigsteve@dstc]

Verign is lucky that nobody sued their arses off
for negligence. Microsoft would have a strong
case ... at least morally, if not in law.

RSA Who?

[Blrfl]

Never heard of 'em. Must be some fly-by-night operation. :-)

FreeSSL...

[Chicane-UK]

Try out FreeSSL.com - they used to give fully signed SSL certificates away that lasted for three months.. I read that they were planning to offer free 'year' certificates.

They also currently offer a ChainedSSL certificate at a cost of $25 per year...

We've discussed this before...

[dildatron]

Search for SSL right here on our very own slashdot and you will find many relevant discussions, such as:

Implementing an SSL-Based Network

Web security, Privacy and Commerce

Why Are SSL Certificates So Expensive?

It is likely your question has been answered before here or elsewhere.

Re:Self-sign

[Anemophilous+Coward]

There is a way to do this with ASP scripting. A good base to start with can be found at this Microsoft Knowledge base article.

It is a starting point I used to make the root certificate stick. It will present the user with a large-ish alert box asking them if they want to install the certificate. It will only do this once as long as they click 'yes'. Subsequent visits to your site will be automatic from then on out.

This is course is great for internal sites, you can educate your users to click on the box the first time, then they never have to worry again. And they know it's trusted since it came from you. One small caveat, this probably only works on IIS servers and only works in IE web browsers.

- "A non-productive mind is with absolutely zero balance."
- AC

The problem with self-signing

[Pinball+Wizard]

For the 85-90% of you using Internet Explorer, take a look at Tools->Internet Options->Content->Certificates->Trusted Root Certification Authorities.

The established certification companies are already on this list. You are not. If you self-sign, you are basically counting on your potential customers to trust you as a certification authority. They can add you to that list individually. The question is, will they?

Since you are an unknown, small company, basically your customer has to trust that you have done everything right in order to protect their security. That's a lot to ask someone. Having a big player certify you tells your potential customer that even though you are a small unknown, you have done everything right.

It's just my personal opinion, but its one based on running an e-commerce site for the last four years. Go with an established certifier. If you are doing any sort of business at all online that requires SSL you will more than make up the annual fee in the sales you don't turn away because you were too cheap to get a real certificate.

Re:The problem with self-signing

[Ark42]

If the warning box PROPERLY EXPLAINED to the user that the question at hand is "Do you trust thissite.com ?" instead of "warning! lots of bad things will happen if you click yes!". How does paying money to a corperation really mean you are automatically trustworthy anyways? I would argue all CA's should be done away with and people should trust who they want to trust based on how the site presents itself. Browsers should ask the user in plain english, the simple question, "Do you want to trust this site for providing secure content?" Think of SSH as far as retaining the key for future verification.

Re:The problem with self-signing

[iCEBaLM]

The established certification companies are already on this list. You are not. If you self-sign, you are basically counting on your potential customers to trust you as a certification authority. They can add you to that list individually. The question is, will they?

Here's a question: Since when is the only reason to use SSL for commerce? What if you run some kind of community website (slashdot) and want to offer encrypted SSL logins for your users? Why pay $400 a year for that?

This is what really bugs me about SSL, it's assumed that all you want encryption for is to secure credit card info.

-- iCEBaLM

Re:The problem with self-signing

[Pinball+Wizard]

Since you aren't taking money, its wouldn't be nearly as much of a problem. Tell your users you self-signed to save money, no big deal. You don't have to go through a CA to use SSL, its just an added level of perceived security for a customer. The customer trusts Verisign because they are an authority and Verisign tells the customer they can trust this business. But you can take Verisign entirely out of the equation if you want.

Re:The problem with self-signing

[iCEBaLM]

I don't trust verisign for shit, I'm sure many others don't either. We're kindof forced to because their CA is in our browsers by default and we never really think about it.

-- iCEBaLM

The question that needs asking is...

[borud]

Why blow $400 on a certificate from a company that doesn't really provide a useful service. How much is their promise really worth that the holder of a certificate is authentic? I can't remember anyone actually checking if we were who we said we were the few times I've been involved in getting certificate -- apart from sending some papers and making some calls. Nothing an even half competent con artist can't deal with.

I think the whole CA-business is rather fishy. The only thing people are paying for is to have the pesky warnings that pop up if the certificate is not signed by a CA known by the browser removed. I have yet to see a single individual with even half a clue about cryptography state that he or she actually believes that the big certificate authorities actually provide any form of useful service.

I wish I had started a CA a decade ago and then jumped into bed with Netscape a few years later. This must be the single most profitable business online.

Re:The question that needs asking is...

[MartinB]

Why blow $400 on a certificate from a company that doesn't really provide a useful service?

Because the service they provide to you - the person with the $400 - is that end-users will do business with you securely because they trust the certificate.

And for goodness' sake, get off your high horse about end-users' understanding of cryptography. The business reality is that the $CURRENCY_UNITs of the people who understand cryptography are no more valid than those of everyone else.

Unless you have a niche market amongst cryptographic experts, not having security warnings popping up in browsers is the most important thing that customers (yes, those people who pay your rent for you) want to see.

Don't know about you, but $400 is small beer to any business I can think of that needs SSL for the general public. If $400 per annum kills your business plan, then maybe you don't need universally accepted certificates for SSL after all.

GeoTrust through OpenSRS

[GreenLantern]

If you also have the need for about $250.00 of product including domain names, check out becoming a OpenSRS reseller. You can get GeoTrust Certificates from $99.00

Stupid question

[f97tosc]

So, what is a signature and when is it needed?

What is 'self-signing'?

Tor

Re:Stupid question

[tomstdenis]

Each HTTPS site has a public/private key pair. The public key is signed by a root. The idea "magically" is that your browser has the root public key and can verify the signature on the particular sites public key.

The thought process is that if the key of the site you are visiting is signed then the site must be reputiable, etc, etc...

In effect root CA's are just a scam and the only thing you are paying for is a key signed by a CA root already installed in your browser.

If browsers were shipped without the stupid warning then the whole PKI industry would fail.

Tom

Re:Stupid question

[mlk]

A signature tells the web browser you are who you say you are, you can either make one yourself(self-signing), or pay a CA (supposivly trusted) to make one for you.

Re:Cheapass trusted SSL certs GEOTRUST

[Ark42]

*MOD PARENT UP*

Geotrust are probably the cheapest there are. Very no-hassle to aquire (all automated).
I got a good deal with geotrust ssl + rackshack.net (the ssl cert was free for me :)

What about InstantSSL?

[Klaruz]

Has anybody used InstantSSL? They claim to work with IE 5+, NS 4+, AOL 5+ and Opera 5+, which they say is 99% of the browsers in use out there. Sounds like a good deal to me.

I'm looking at using the cert to do some credit card auth for a webhosting company, and I don't really think I'd have a problem turning away that 1% of people who can't upgrade to a browser that came several years ago. That whole 80/20 rule kicks in there. I'm sure somebody who can't be bothered to upgrade to a modern browser is going to be a tech support nightmare.

Re:What about InstantSSL?

[perydell]

I have used them. Great service. Got the cert about 12 hours after I ordered.

Re:What about InstantSSL?

[letxa2000]

InstantSSL works great. I switched to it from Thawte last month. I was suspicious (like you) when I first ordered, but it works fine.

Do it. Don't think twice, and for God's sake don't give any money to Thawte/Verisign.

Re:What about InstantSSL?

[Bakafish]

Yes, I use them. I highly reccomend them. Try out their free 1 month cert (don't forget to download the chained authority certificate too.)

Re:What about InstantSSL?

[Nonesuch]

Has anybody used InstantSSL [instantssl.com]? They claim to work with IE 5+, NS 4+, AOL 5+ and Opera 5+, which they say is 99% of the browsers in use out there. Sounds like a good deal to me.

I'm hoping to try them out, but they do their validation through Comodo in the UK, and with the time difference, it's taking much longer than it should to get my certificate signed.

I'm looking at using the cert to do some credit card auth for a webhosting company, and I don't really think I'd have a problem turning away that 1% of people who can't upgrade to a browser that came several years ago. That whole 80/20 rule kicks in there. I'm sure somebody who can't be bothered to upgrade to a modern browser is going to be a tech support nightmare.

The way I look at it, the users who cannot be bothered to upgrade the browsers, are also the same users who are going to just 'click through' the "This certificate is not signed by a trusted authority" message, and most of the time, you'll still get their business.

Go ahead and click, don't worry...

[jaaron]

And put text in saying to click through the security warning. Most people will, anyway.

An excellent example of why "computer security" is an oxymoron.

Seriously though, this is of why many viruses spread -- people are gullible and lax on security. While I really understand that getting a proper certificate can be expensive, I'm not sure if I want to encourage this type of behavior.

Create own CA, don't just self-sign

[coyote-san]

You're going at the problem wrong. Don't worry about getting your clients to accept a self-signed cert, worry about getting them to add your own root certificate to those they trust.

This is actually straightforward - you point them to a URL that returns the root cert, with MIME type application/x-x509-ca-cert, and tell them to accept it for all uses when the broswer pops up a dialog box.

You should then use this root cert to sign your web server certs (and certs for mail servers, databases, whatever). All should be trusted immediately, assuming you have your other ducks in a row. (E.g., you need to have your web server cert's common name resolve to the IP address of the web server.)

It's a bit more work to maintain a mini-CA than to just use self-signed certs, but overall the benefits outweigh the hassles. Many of us are working on JSP tools to operate mid-range CAs, but I don't know how far most are. (The problem is Microsoft's eternally changing standards on how clients generate the cert request on their side - I can handle Netscape/Mozilla with ease, but it seems like every version of MSIE is just slightly different.)

Re:Create own CA, don't just self-sign

[Ian+Bicking]

By any chance, can somehow give a link to a good reference on how to set up your own CA? mod-ss-makecert makes self-signing really easy, but I have no idea what's involved with making a CA.

Re:Create own CA, don't just self-sign

[paco+verde]

The parent post is exactly how we do it in our organization (a non-profit with not a lot of money for certs, but lots of things we want to run over SSL). Once someone trusts your root cert you're good to go.

I mostly figured out how to set it up from the Apache mod-ssl module FAQ at http://www.modssl.org/docs/2.8/ssl_faq.html#ToC29. BTW, mod-ssl comes with a nice little signing script that is quite handy.

Once I got the hang of it with Apache sites I used the technique in the FAQ almost verbatim to produce certs for our IMAP and SMTP servers.

You might also check out http://www.openca.org/. I'm not using it, but if I was starting over I would be looking into it.

Re:Create own CA, don't just self-sign

[Vainglorious+Coward]

Take a look at OpenCA

Re:Create own CA, don't just self-sign

[faster]

There are a few packages that help you to run a private CA, for internal use, or for maing your own certs for web servers, email, VPN, etc.

Look up pyca, xca, openca, then search freshmeat for 'certificate authority'; there are a few others.

Look in your browser

[Eric+Seppanen]

In Mozilla, anyway, you can see a list of the trusted certificate authorities. There's a lot of them in there; Verisign couldn't have bought all of them (yet).

I think a lot of people out there use some other browser than Mozilla, though, so you might want to see what certs that other browser supports.

Re:Look in your browser

[SlurpDog]

In IE, you can go to Tools|Internet Options...|Content|Certificates...|Trusted Root Certification Authorities to see who's root CA certs are included. In Mozilla, it's under Edit|Preferences...|Privacy & Security|Certificates|Manage Certificates...|Authorities. Both browsers include many CAs besides VeriSign.

What the heck, here's the list of recognized Certification Authorities from Mozilla 1.1:
ABA.ECOM, INC.
AddTrust AB
American Express Company, Inc.
Baltimore
BankEngine Inc.
BelSign NV
CertEngine Inc.
CyberTrust Japan, Inc.
Deutsche Telekom AG
Digital Signature Trust Co.
E-Certify
Entrust.net
Equifax Secure Inc.
FortEngine Inc.
GTE Corporation
GlobalSign nv-sa
MailEngine Inc.
RSA Data Security, Inc.
TC TrustCenter for Security in Data Networks GmbH
Thawte Consulting cc
TraderEngine Inc.
United States Postal Service
VISA
ValiCert, Inc.
VeriSign, Inc.
Xcert EZ by DST
Xcert International Inc.
beTRUSTed

And the list of Certification Authorities from IE 6:
ABA.ECOM
Autoridad Certificadora de la Asociacion Nacional del Notariado
Autoridad Certificadora del Colegio Nacional de Correduria Publica Mexicana, A.C.
Baltimore EZ by DST
Belgacom E-Trust
C&W HKT SecureNet
Certiposte
Certisign Autoridad Certificadora
CertPlus
Deutsche Telekom
DST (ANX Network)
DST (National Retail Federation)
DST (United Parcel Service)
DST
DST-Entrust GTI
Entrust.net
Equifax
EUnet International Root CA
FESTE
First Data Digital Certificates Inc.
Fabrica Nacional de Moneda y Timbre
GlobalSign
GTE CyberTrust
IPS SERVIDORES
Japan Certification Services, Inc. SecureSign
Microsoft
NetLock
Post.Trust
KeyMai l PTT Post
Saunalahden Serveri
SecureNet
SERVICIOS DE CERTIFICACION
Societa Interbancaria per l'Automazione
Swisskey
TC TrustCenter
Thawte
UTN - DATACorp SGC
UTN - USERFirst
ValiCert Inc.
VeriSign Inc.
ViaCode Certification Authority
Xcert EZ by DST

I don't have a copy of Opera handy to check its recognized Certification Authoritiess, but anything on both these lists is probably a safe bet for most applications. (This line length filter thing is getting really annoying. What the heck is the limit, anyway? How many extra sentences must I add? Well, maybe it's set at 25 characters. Lets try to get there. Hmm, still not there yet. Maybe one more meaningless sentence will push me over. Arghh! 25 characters per line isn't enough! Shall we go for 30? Why not. I can't believe this is such a pain to do. I sent ComboyNeal a message about it. Why don't I copy it here, since I need to take up some space. "I'm trying to post a list of CAs recognized by IE and Mozilla to the discussion on alternative CAs, but the line length filter keeps getting in the way. I understand why you have (and need) this filter, but it would be nice if it were a bit less intrusive. (What is it set at, anyway? I'm at 21.6 characters per line at the moment, and it's still complaining.) Junk will get modded down, so you could probably relax the filter a bit without any ill effects." Ah, there we are. Sorry for the nonsense.)

url for the $50 please, $119 is lowest i can find

[DrSkwid]

QuickSSL(TM)
Web Server Certificates

Exclusive QuickSSL features:
Only $119 for a one-year certificate

Just exploit the IE SSL bug

[giminy]

Have your company buy a key, then create signed keys for your domain private domain with it as the issuing key. Nobody will know, as most people still use IE, and it still has that fun bug.

Re:Just exploit the IE SSL bug

[Kragg]

I'd love you to explain this one. Who sells key pairs and how do you make the certificate show that it was verified with the intention of accting as a CA?
I have a horrible feeling this is a +5 troll... anyone got a link to prove me wrong?

Re:Just exploit the IE SSL bug

[jareds]

Who sells key pairs...

Verisign.

...and how do you make the certificate show that it was verified with the intention of accting as a CA?

You don't make the certificate show that, but IE doesn't check correctly. That's the point.

I have a horrible feeling this is a +5 troll... anyone got a link to prove me wrong?

Yes, this explains in more detail.

Re:Self-sign

[iosphere]

For IE, you'll want to copy make the machine that signed it a trusted certificate authority on your computer. I don't have step by step instructions on how to do that, but it should be in the doco for whatever you're using to generate the certs.

This is all Thawte did....

[jsimon12]

Become your own cert auth, hehehehe Thawte did it, made billions, went to outer space, etc etc.

Yeah, whatever

[putrescence]

It's still just a monkey pressing a button on a machine. That should rightfully cost $400? Ooooooookaaaaaay.

Re:Thwate IS NOT THAWTE!!!

[Spy4MS]

And appears to be a different company than Thawte. I wouldn't trust them (or nelsonal now that I've read his endorsement).

Thwate's site is a different design than Thawte's site but still uses the 'Thawte' name. This looks like a lawsuit waiting to happen.

drop me an email

[Triumph+The+Insult+C]

i will sign a cert (shit, i'll sign as many as you want) for you for, hmm. what's fair? $20, a case of Natty Light, a Playboy, and an 8 iron.

thanks

Open CA

[Alethes]

I think I should mention a new project that is in the works. The founder of OpenNIC, Robin Bandy, and I (Nathan Lunt) have been in discussions over the last couple of months to create a daughter project of the OpenNIC project for a democratically-controlled Certifying Authority modeled after OpenNIC. As such, we're looking at a situation where people will be able to get a certificate signed by a third party for, as it stands, free.

Such a project has enormous possiblities ranging from, as this thread discusses, cheap SSL ceritifcates for small websites, to potentially DRM applications as well, as mentioned in Robin's article here.

This project is only in the very infant stages, and has been off to a fairly slow start due to our busy schedules; however, once we are over the hump of policy creation and technical implementation, we should be well on our way to having a system of certification that is fair and within reach to every application imaginable.

Re:Open CA

[bakunin]

Indeed.

Until this is ready to start issuing certs, those of you on OpenNIC domains can get free certification from the OpenNIC CA (there are brief instructions on the web site or email ).

As Nathan said, we've both been _really_ busy, and setting up a new general-purpose CA (especially as a user-controlled democracy like OpenNIC) is very time consuming so we can't give a launch date yet.

Anyone who's interested in getting involved can (of course) email either of us and we'd be happy to have some more folks involved in the original setup. ;-)

Cheers,
-robin

Re:Open CA

[Junta]

I have a question regarding this sort of setup. Namely, what do the existing established (i.e. shipped with IE, mozilla, and netscape) CA's do in order to verify the identity of the requestor? I presume at least some of the cost an organization must pay is to cover administrative costs of verifying identities. And if the companies do nothing substantial to verify the identity of the purchaser, why the hell are browsers shipping with their certificates? If they provide decent identity verification, then I wonder if a free CA would work well. Even if it did get distributed, if it cannot provide decent verification of requestors due to budget constraints, it would be an exploitable weakness in the trust system...

Re:Open CA

[Alethes]

Robin may have more to add to this, but here's my take:

Becoming a default CA in a browser will actually be quite difficult. Attempts have been made to find out how to accomplish this. Opera has been contacted with no reply to this date, and Mozilla has replied explaining that they require a
contract and some demonstration of financial stability, which is a bit difficult for an organization with no financial structure whatsoever. Anyway, the current plan is to just get the project rolling, make the service available to users who are willing to trust the Open CA certificates, then through public lobbying, encourage browser vendors to include the Open CA as a default. As you can probably tell, this unconventional project will require unconventional means to gain ground -- just like most open projects.

Re:Open CA

[Junta]

Interesting about mozilla determining the trustworthiness of a CA by financial stability, one would hope that would be irrelevant and they would instead be mindful of the verification behind the CA more than the financial status of what it stands behind. What kind of contract is it they want? If they require money to distribute a key, it is an interesting avenue of funding, though I wouldn't think it to be very useful... All said and done, if this works I hope the validation scheme proves to be quite reliable and opens up trusted certificates to a whole new class. I personally administrate two CAs and am glad that clients are typically a few businesses rather than end-consumers, else we would have to run to a CA with an unfair chunk of change...

Re:Open CA

[bakunin]

Their certification policies vary. I'm familiar with two of them (Thawte and InstantSSL) and they are actually certifying different things.

InstantSSL: They certify only that you are the actual registered controller of the domain name involved; they do this by a challnge/response process involving sending email to the domain's administrative contact address. This guarantees at least that the cert is being issued to someone who can send and receive mail at an address registered as cntrolling the site's domain name.

Thawte: Thawte's process, as of two years ago, was more involved and made an attempt to certify the Real World identity involved. In addition to the email, they also required a fax of legal documentation backing up the claim to be the owner of the domain name (such as of your Articles of Incorporation). While not actually establishing that you are who you claim, this does make it more _likely_ that you are. So a Thawte cert certifies that you are the domain's registrant and are _probably_ the legal entity listed as the domain registrant.

For a web server SSL certificate, it should be adequate merely to demonstrate and certify that the server is authorized by an appropriate contact, in the manner InstantSSL does. Fortunately for a free CA, this can all be automated. ;-)

Other, more extensive, certifications are more omplicated. What Nathan and I are working on is essentially a free user-run service which will certify anything about its users which can be proven to be true, with the understanding that some certifications can't be done until the project grows wuite a bit (things involving significant research or cash investment to prove, for example, will have to ait a bit but SSL certs are easy and can be done immediately).

-robin

That's interesting

[petard]

WhichSSL is nothing but an ad for Comodo:

Registrant:
Comodo Research Lab Ltd
10 Hey Street
Bradford, Yorkshire BD7 1DQ
US

Registrar: Dotster (http://www.dotster.com)
Domain Name: WHICHSSL.COM
Created on: 25-JUN-02
Expires on: 25-JUN-04
Last Updated on: 25-JUN-02

Administrative Contact:
Abdulhayoglu, Melih steve@comodo.net
Comodo Research Lab Ltd
10 Hey Street
Bradford, Yorkshire BD7 1DQ
US
+44 1274 730505
+44 1274 730909

Technical Contact:
Abdulhayoglu, Melih steve@comodo.net
Comodo Research Lab Ltd
10 Hey Street
Bradford, Yorkshire BD7 1DQ
US
+44 1274 730505
+44 1274 730909

Domain servers in listed order:
DNS01.EXODUS.NET
DNS02.EXODUS.NET
DNS03.EXODUS.NET

Re:That's interesting

[shurdeek]

No sales person, do a google search for shurdeek or grep changelogs in your favourite linux distro and you'll find out who I am :-) I don't have a problem complimenting good companies. I didn't know whichssl belonged to comodo, I just googled to find out a solution for my customer 2 months ago and whichssl came as one of them. I've been using it since without problems.

Self signing is BAD. Roll out your CA !

[mosha]

Self signing my certificates works of course, but just about all browsers make a big fuss about it

This is a joke, right ? Self-signing the certificate defeats the purpose ! I will redirect DNS entry to point to my web site instead, and will use self-signed certificate. How would you know that this is not the genuine site ?
The right solution is to roll out your own Certificate Authority (CA) and make it trusted CA on all the client machines which will use the application. Then you can issue certificates signed by this CA.

Google is your friend.

[Eric+Seppanen]

CA links
CA links

Re:Self-sign

[abradsn]

Try implementing asp yourself, if you are so high and mighty.

+3, Insightful...?

[Wakko+Warner]

I know this was a troll/joke, but it really helped prove just how much crack the moderators have been smoking lately.

Tnx 4 dat!

- A.P.

I use directNic

[kevinmtu]

DirectNic has pretty reasonable prices for SSL certs $118 per certificate per year...

Bigger problem than that.

[fireboy1919]

Its easy to click-through with internet explorer. But what if you've got Netscape 6 or Mozilla?

Sure, its easy to use https mode, but what if you want to sign applets?

Its a REAL pain. You have to download a public key, open up a console, find your certificate store, and manually add it.

I made something that I wanted to do that with. What a pain!

Building better technology

[rhysweatherley]

Verisign does provide a semi-useful service, in that it verifies the identiry of the people whose certificates it signs. However, charging the same person $N every single year to change the expiry date in the certificate is not a useful service - it is highway robbery.

Many of the fields in the X.509 certificate, like the expiry date, and the CA signer field, exist solely to create the business model. There's no technical or trust-based justification for it. Like many of the DRM initiatives right now, certificates are designed to support the business model, rather than being designed to solve the problem.

In the case of Verisign, this was their intent - RSA Data Security, Inc. used the RSA patent as a weapon in the 1990's to ensure that their way of using the algorithm became standardised, locking every other attempt at solving the trust problem (yet another reason to reform the patent system).

One of the founding principles of Internet design is that protocol and business model are two separate issues. We desperately need an alternative to certificates that can provide the necessary trust matrix without nailing all users to one way of providing the service. Unfortunately, it is probably too late to fix it now.

Re:Building better technology

[MartinB]

However, charging the same person $N every single year to change the expiry date in the certificate is not a useful service - it is highway robbery.

Oh please. When will you learn about business pricing? If it's worth more to me than the price I pay for it, it's a useful service.

If paying $400 per annum means that I get $401 additional contribution to my bottom line each year, it's made me money, and I'm doing it, and not complaining (other than in the general 'trying to get a better deal' way).

If you're going to comment on business, please at least have the courtesy to find out the basics first.

Re:Building better technology

[Junta]

I can see the usefulness of the expiration and the CA signer field quite easily. Say you were in charge of authenticating these certificates and you were expected to be reliable and not have clients easily be faked. The lowest common denominator becomes the customer. If the customer has that certificate private key leaked, it becomes useless. This can happen without the company knowing, so having the certificate expire is useful in protecting the signee from themselves. Not something they should have to pay for, but the practicality is there. I personally don't see how the CA signer field in any way relates to profit. Ok, so there is the issue of branding, a certificate by Thawte *looks* more reputable than one signed by a small party, but it is a field rarely consulted if it ships with the browsers. The CA Signer field is somewhat critical with independent CAs, where the name does show up. Perhaps only a token, but still..

Re:Building better technology

[letxa2000]

When will you learn about business pricing? If it's worth more to me than the price I pay for it, it's a useful service.

It's not necessarily a useful service, but it might be a necessary one.

If paying $400 per annum means that I get $401 additional contribution to my bottom line each year, it's made me money, and I'm doing it, and not complaining

That's silly. Sure, you spent $400 and made $401. That's a 0.25% ROI. Of course, the hope is that you make more than $401.

Even so, the fact that you earned more than you spent doesn't automatically translate into a fair or worthwhile service. If I get locked out of my house, anything that costs less than replacing a broken window makes financial sense. That doesn't mean I should feel good about a keysmith charging me $100 for 2 minutes at my door. Sure, it makes more sense than breaking a window to get in, but that doesn't mean I'm not getting ripped off.

The fact is that the SSL certificate authorities do little or not work. We pay them money because users will get a nasty certificate warning if we don't. That's it. Sure, I make money by paying them and that's the only reason anyone would ever do it. But that doesn't change the fact they are ripping you off by charging you an insane amount of money for no work on their side.

Certificates really ought to cost about the same as domain names... $9/year.

Re:Building better technology

[MartinB]

If I get locked out of my house, anything that costs less than replacing a broken window makes financial sense. That doesn't mean I should feel good about a keysmith charging me $100 for 2 minutes at my door. Sure, it makes more sense than breaking a window to get in, but that doesn't mean I'm not getting ripped off.

Of course, you can feel jealous about someone who can get paid $100 for 2 minutes work (although by the time the keysmith gets to you and gets back after, it probably translates into a better hourly rate), but if that's the going rate, then it's fair. And if it's less than replacing the broken window, then it's worthwhile, as you already said.

The fact that it takes little work to create a key does not matter to anything except your level of envy. It adds a crapload of value, and costs pocket change compared to all the other costs of running a business.

You can have a lot of fun speculating about the price you'd like to pay. But that's not the economic reality, just like I'd like my car not to cost me &pound20k+ because I live in the UK, not in Europe (where it would be 16k or so).

As long as it adds greater value than it costs, many people will keep paying $400, and Verisign will keep charging it, especially if they've got another brand by which they can access the market of people who won't pay it.

(And yes, the $401 income I mentioned was a silly sum. Call it $440, 10% RoI (pretty good in most cases) and move on.)

Re:Building better technology

[letxa2000]

Of course, you can feel jealous about someone who can get paid $100 for 2 minutes work

It's not jealousy. For it to be jealousy assumes I would charge $100 for 2 minutes of work if I could.

It'sbeing dissatisfied because you know the real cost of the service and know the real effort involved and can't reconcile that with what is being charged. A better example would be a locksmith being locked out of his own house with his tools IN the house and having to pay the mark-up.

You can have a lot of fun speculating about the price you'd like to pay. But that's not the economic reality

The thing is, it IS economic reality. That's why the prices of certs is now $49/year with the competition instead of $400+/year with Verisign. If there had been true competition and the price was $400/year that'd be one thing. The fact the price seemed insanely high and then the price drops by an order of magnitude in one year when competition is available simply proves the fact that they were ripping people off.

One thing is an honest return on investment. One thing is a competitive price. Another thing entirely is monopolistic pricing. And, yes, people do have a right to piss and moan when they are being unfairly gouged by a monopolistic company.

Also, I'm happy that $400 sounds like pocket change to you. There are MANY of us that run small business (i.e., just me, myself, and I) where the difference between $400/year and $49 is significant. Perhaps it's "only" pocket change to you, but it's a big difference for those of us that are slowly inching ahead in our business and don't want to pay absurd prices for trivial services. Not every secure SSL website is making millions per year with a staff and and accounting department to write that $400 check...

Free/Low cost certs

[eaglesnax]

Two projects you may want to look into:

http://www.cacert.org/
http://www.freecert.org/

-E

why?

[erikdotla]

vpn + firewall = screw certs

if you're relying on SSL certs for "security" it sounds like your systems are open. veddy bad man!

Re:why?

[freaker_TuC]

Obviously you trust any other party to be as safe as you are ? Or do you expect (for example) Amazon to VPN with your network ? ...

Re:why?

[RustyTaco]

Local CA + user certs = lower maintanence VPN firewall.

- RustyTaco

Comodo for $49

[NO_NYT_POSTS]

Comodo has a great deal. $49. their service is excellent and i have had no problems at all.

Simple

[the+MaD+HuNGaRIaN]

I would think the answer is as simple as checking the CA's in Mozilla.

It lists a whole truckload of CAs in the Authorities tab of the Certificates option of Privacy&Security.

Is it any good if most browsers reject it?

[HotNeedleOfInquiry]

I couldn't find rackshack listed in any of the "approved" signing sources for mozzila or netscape.

Re:Is it any good if most browsers reject it?

I bought one of these certificates. Rackshack is not the CA, but just a reseller of the certs. They have such a high volume, they get a discount. The certs they sell are actually signed by Equifax, and are distributed by GeoTrust.

Re:Is it any good if most browsers reject it?

[enrico_suave]

quickssl bought out and uses equifaxes (if i recall correctly) cert company/business.. and uses that authority which most browsers going back to at least 3x or earlier (for ie and netscape) that are recognized without popup/error/warnings.

FWIW I've used this cert before for a site.. it was quick, easy , and cheap...

e.

Re:Is it any good if most browsers reject it?

[Scooter]

Indeed - if your brower's never heard of the signing authority (and that signing authority's intermediate certificate is not, in turn signed by a recognised CA) then you may as well self sign and have it for free.

I've even had certificates from Verisign that browsers had not heard of - 128 bit Global Cert was signed by an unknown Verisign subsidiary - you had to grab an intermediary for it from the "real" Verisign (ie the one the browser's already had signed certs for). I found this incredible - and unworkable at the time as our useless Oracle App Server 4 system had no truck with the concept of certificate chains.

Re:Thwate IS NOT THAWTE!!!

[Zeinfeld]

Thwate's site [thwate.com] is a different design than Thawte's site [thawte.com] but still uses the 'Thawte' name. This looks like a lawsuit waiting to happen.

I just went to their Web site and if you click through you will find that they do actually sell Thawte certificates, you are sent to the Thawte site.

This is probably just an innocent thing where people were going to Thwate and trying to get certificates and someone decided to take advantage of the channel.

I will get onto legal tommorrow however just to make sure that nothing unfriendly gets said by mistake. There used to be a company in the UK with a vacum cleaner called VAX. They got a nastygram from a random DEC legal outfit every week.

There is a solution for this problem

[thogard]

What we need is a very fast distributed monte carlo attack on one of the public keys that is everywhere. They keys are made by taking two large pseudoprimes so all we have to do is find one of the primes that a master key was signed with. Since the early certs were done using RSA's tool kit, all we have to have is millions of computers randomly selecting big primes the same way it would and checking to see if they match. This can be done thousands of times faster than key generation. While it is 1024 bit numbers, the estimated keystrength is no stronger than a hypothetical 70 bit DES and may be more in the order of 40 bit DES. There is a very small chance anyone would randomly hit the right key in the next year but there are enough machines sitting around doing nothing, that it could make an interesting distributed project and the magic bit stream may just show up.

Re:There is a solution for this problem

[billstr78]

A better way to prove your point is to advocate the use of openSSL and other non mainstream solutions. You have a valid point, but busting open everyone's secure data using a distributed crack is irresponsible, lame and dangerous. Get some ethics.

If your the IT Department

[mystik]

... and can manage an installation of certificates on all clients, you can create your own certificate authority all by your self.

Here are some *SIMPLE* instructions for building a self-signed CA cert, and then signing SSL certs for servers. Any real implentation should probably be assessed for security (like ca-generation on an isolated machine, etc ...)

• openssl req -newkey rsa:2048 -keyout ca.key -out ca.req - Answer all questions it asks
• openssl x509 -signkey ca.key -req -out ca.crt -in ca.req -days 1200 - Self- signs the CA certificate
• openssl x509 -signkey ca.key -trustout -req -out ca-trust.crt -in ca.req -days 12000 - produces a "Trusted certificate"
• use the first step to generate any other certificate requests. Some servers like IIS & Domino have their own request-generation tool.
• openssl x509 -CA ca-trust.crt -CAkey ca.key -req -days 360 -in certificate-request.req -out cert.crt -CAserial ca.srl [-CAcreateserial] - to sign requests. The first time, you'll have to use CAcreateserial

That's pretty much it. mix into your IT operations as nessecary

Re:Self-sign

[Buck2]

yea..that'll go over like gasoline and matches at a fireman's birthday party.

You've obviously never been to any fireman's birthday party.

Except for a mental ward you cannot guarantee a higher concentration of pyromaniacs anywhere.

Stock price rules

[gamartin]

Any serious cheaper competitors (Thawte) will likely be bought by Verisign to protect the "value" of certificates and prop up the company stock price.

Re:Stock price rules

[Bill+Privatus]

Ahem. Too late.

See Mergers&Acquisitions - December, 1999.

The takeover was official on 12/21/1999, and I let my free Thawte private Cert lapse immediately thereafter :-(

Thawte

[terminal.dk]

Verisign bought Thawte, it was approved by US Governement is thawte kept prices at half that of Verisifgn.

Thawte certificates in small volumes are $350 for 2 years, after Verisign also increased prices. Other will sell you cheaper certificates the browser will believe in, but they have a screening procedure that keeps cost down, and don't have anybody trust your certificate apart from browsers.

Not to flame, but...

[jonfromspace]

Since when are Mozilla and Netscape MOST browsers?? Last time I checked I.E. was like 90%+ of the market.

Anyhow, there MUST be some kind of IE exploit to get around those anoying security dialogues... But then, that might require using ASP or VBscript... poop.

Certs prevent Man-in-the-middle attacks

[adamy]

Certs prove you are who you say you are, not that you are a reputable company. Otherwise, someone can spoof your IP address and or domain name, collect your clients secure information, and the whole process is encrypted using the attackers keys, not yours.

It is a boot strap problem. Since your clients connect to your over the web, there is no way to prove that you are really you. Instead, you say, my CA (e.g. Verisign) says I am me, and hand them something they can use to verify that info. The browser checks the cert that your site offers, and using the Verisign public key, can ensure that you are actully signed by verisign. The fact that Verisign's public key was shipped with the browser means that the trust chain goes like this:

Install disk (or Download from Mozilla site)->Verisign->You

You can become your own CA, but that borken link is still there.

Another option is to use something like PGP or hand delivered Certs, which would work for an internal website or a limited audience.

Adam

There is a free way

[skinfitz]

Just get your users to install your cert into their browser - wont nag you after that.

It will be fine for your internal users (and transparent if you have a PKI infrastructure like Active Directory), but it depends on how many external users you have and how many hoops they are willing to jump through.

Browser support

From the FAQ:

What Web browser programs are compatible with QuickSSL?

QuickSSL is compatible with Microsoft Internet Explorer(TM) 5.01 and higher and Netscape/AOL Web browsers version 4.51 and higher, comprising an estimated 90% or more of all Web browsers in use today. All other commonly used browsers may connect securely with Web servers using QuickSSL certificates. However, some older browsers may display a dialogue box indicating that the certificate is not trusted. This means that the certificated is not located in the browser certificate store and, in most cases, the user will be prompted to install it with a few clicks of their mouse.

That 90% is a pretty low estimate, too. Most people would estimate IE5/6 usage alone above 90%.

A good place to start...

[SecGreen]

Check the settings on your favorite browsers for a few ideas....

On Mozilla you can find the "Trusted-Root"'s at:
Edit -> Prefs -> Privacy & Sec -> Certificates -> Manage Certificates -> Authorities.

On IE it's:
Tools -> Internet Options -> Content -> Publishers -> Trusted Root Certificate Authorities.

--sg

Oh, you did, did you?

[logullo]

I looked at a company called RSA Security...

Sorta like "I talked to some programmer guy named Knuth."

Poor Cliff

[uberdave]

Why Are SSL Certificates So Expensive? by Cliff with 192 comments on Sunday March 18, @04:48PM http://ask.slashdot.org/article.pl?sid=01/03/18/18 55230&mode=thread&tid=93

Are FreeSSL Certs Worthwhile? by Cliff with 8 comments on Friday September 07, @11:50AM http://ask.slashdot.org/article.pl?sid=01/09/06/04 51218&mode=thread&tid=148

Poor Cliff. Perhaps he will get an answer this time around.

Why you're supposed to pay for certification...

[mh_cryptonomicon]

Just as a comment here... There's a reason it's not unreasonable to pay for certification that's not being mentioned here. The whole idea behind using a cert is to establish assurance in the identity of the ssl server. This identity assurance is established by the server proving posession of a private key related to a public key which has been certified by a certification authority. The certification authority uses a process supposedly outlined in their Certification Practice Statement to establish the identity of the ssl server. The CA itself has a certificate, certifying the identity of the person who owns the public key related to the private key that digitally signed the ssl server's certificate... it's the CA's self signed certificate! (yes, I'm ignoring the fact that some certificate chains have intermediate CAs, but that's for the advanced example.) Self signed certs are "bearer instruments" in a sense. If an adversary could get their self signed cert into your copy of Netscape or IE, then presumably they could start issuing bogus certs to inappropriate parties, and the whole chain of trust thing would go up in flames. To avoid this problem manufacturers of browsers, acting on behalf of their users (the relying parties) take special precautions to use root certs that have been verified to have really come from root CA's.

What you're paying for are the business operation costs to maintain the certificate issuing system and the indemnification costs.

So... you're probably wondering why you should care about all this when you're dealing with in internal site. Well... to a certain degree, you don't have to. This sort of trust chain is more useful in an environment where the two parties taking part in the communication have never met, nor have any of their "superiors" met. In a corporate environment, hierarchical organizations are common, and if you're dealing with a relatively large organization (say >300 people) it might be worth your while to investigate the idea of an internal CA.

WRT browsers, many corporate IT departments will devise a custom install for machines under their administrative control (you know, like a stock build of Win2k that gets ghosted onto new machines.) If this is the case in your organization, then it is (or at least it was) a relatively simple operation to install a new default root certificate into IE or Netscape (though I must admit, I've only done this myself with NS 4.something.)

As for CA software, if the only thing you're looking to do is create an internal root certificate that can be used to create certificates for internal ssl sites, OpenSSL will do this fine. Keon, Entrust, etc., etc. are generally justified when you want to start issuing client certs and establishing directories of internal certs & crls and revoking things...

Re:Self-sign

[blkwolf]

Kurt Seified has some good information on installing certs in I.E. Whats really cool is it lets you easily install certs for other apps like imaps/Outlook etc.

http://searchwin2000.techtarget.com/tip/1,289483 ,s id1_gci833806,00.html

when it comes down to it....

[eecue]

encryption in the browser is crap. any mim (man in the middle) can easily hijack your session with open source software like ettercap. just download it and try it! you don't really even have to be in the middle... you can be on a switched lan where your target is and still hijcak the session.. and see it in plain text.

don't trust ssl in internet explorer.

if you have to do somthing secure use ssh and tunnels.

Re:Thwate IS NOT THAWTE!!!

[ceejayoz]

They're a Thwate affiliate taking advantage of misspellings... scummy, I'm surprised Thwate hasn't taken them down.

Mod parent up

[Micah]

Seriously, why SHOULDN'T you do this? The only thing Verisign does is take exorbitant amounts of money to "prove" you are who you say you are. But if you don't trust someone at their word, you probably don't want to do business with them in the first place!

I'd suggest that doing this even for sites used by the general public is OK. Just put a quick explanation on the site. The exception might be if you're running a large operation collecting credit card numbers, in which case you can afford Veri$ign's price and don't want to lose a bit of business.

Re:Mod Parent Up

[chef_raekwon]

we should mod you and the parent down for 'redundant'. What the parent post described is exactly what everone else has been describing with Linux. Of course, you can do the same with Windows, except, it takes 3 billion clicks to get it done. On linux, it takes 3 commands.

InstantSSL

[TheTomcat]

I use InstantSSL (Comodo) [flash alert]. Works great. A little Apache tweak, nothing on the client side, and haven't found an unsupported browser.

Best part: $49.

S

Government and more flexible signed assertions

[Fastolfe]

This is the situation where we need the government to step in. We're all getting driver's licenses from the government, passports, etc., and these are really the only real-world pieces of identification people accept. What we need is for the government to step in and issue digital ID's, to individuals and corporations. These ID's would tie us to whatever electronic identifiers are appropriate (domain names and/or e-mail addresses), and appropriate delegation would be permitted from there.

We just need the a trusted authority (for certain definitions of 'trusted' and for the definition of 'authority' that is ubiquitously recognized instead of decided by the highest bidders in the browser wars) to make digital assertions.

You'd start with certifying identities: my state might sign a certificate certifying my name, maybe driver's license number, perhaps address and even a photograph. I should now be able to sign e-mails with this now independently of my e-mail address. The resulting signed message could carry whatever signed assertions I wanted to put on it. (Probably my name and maybe my photograph.) I can't forge these, because these components are signed by the state in connection with my identity. A posting to a self-help group might just assert my identity in the form of a photograph and an unsigned nickname.

Taking this a step further, I should be able to use this ID to sign other things, even web sites. This will require changes to the way users perceive an "authenticated" web site. If I go to a bank at www.example.com today, they have a certificate that basically states "www.example.com is Example Bank, and their identity is certified". What my own signed web site might assert is "www.example.com is Joe User". User agents need to give more weight to the name here and less weight to the fact that the domain name matches what's in the certificate.

Extend this now to corporations. When a corporate charter is created, a digital ID for that corporation is created along with it and signed by the state of incorporation. That corporation can now sign assertions like "Joe User is the CEO of Example Corporation".

So now, when Joe User sends an e-mail, he can include this information:

• Joe User (signed by the state of residence)
• (Joe's picture, signed by the state)
• Job Title: CEO (signed by Example Corporation)

At this point, we really have a framework to allow the signing of most any type of assertion. If someone feels that we still need a signed DNS-based model, we'd do this within the DNS framework. I.e. registrars, when creating a domain, would also create a certificate for the domain name created and pass that on to the new owner, who can now sign for sub-domains as needed. When presented with www.sub.example.com, we have "www" signed by "sub" signed by "example" signed by one of the registrars for ".com".

Some of these concepts will require a re-thinking of the way we approach authenticated online identities. We need to stop placing so much importance on online identifiers (like domain names and e-mail addresses) and start paying attention to who is making those assertions. I can sign an assertion stating that my e-mail address is 'joe@example.com', but unless that's really my e-mail address, it's not going to do anyone a whole lot of good. If I go around forging e-mails from joe@example.com and including that signed assertion, everyone should be able to take one look at that and say, "Who the hell is this guy claiming to be joe@example.com?". Only the guy with the certificate stating the assertion that he is "joe", signed by "example", signed by a valid registrar for ".com" would be able to say that with any authority.

A lot of this can be done today with signed/encrypted XML, provided we have a common framework to start sharing the assertions.

Re:Government and more flexible signed assertions

[Fastolfe]

In other words, we need a much more hierarchial delegation of "trust" rooted in the roots of each resource model we're worried about. For "legal identity" we have the electronic equivalents of passports, state ID's and corporate charters. For "DNS identity" we'd have to start something at ICANN and delegate to registrars and second-level domain owners. A trivial extension of that allows for "e-mail identity". A certified telephone number assertion might come from a telephone company. We'd then just need a nice mechanism to merge all of these together as needed.

The SSL world today basically revolves around a single type of assertion: a best effort identity verification and DNS. This is too flat.

Re:Government and more flexible signed assertions

[RAMMS+EIN]

``driver's licenses from the government, passports, etc.''
You're getting these from the gov't? How pathethic! That means you actually have to take the driving test and actually be 21. Much easier and more useful to get them on the black market.

---
Two sure ways to tell a sexy male; the first is, he has a bad memory. I forget the second.

FreeSSL

[SiMac]

FreeSSL offers free SSL certificates. Sure, they don't work in old browsers, but they're free, and great for people strapped for cash (like me).

Run your own authentication server

[Frums]

If you are using it for extranet type functionality and don't need customers to use it, and you have skills but no money, create your own certificate, set up a server to do authentications (it keeps private key and is used to issue new certs), and then add your own server as a root server on each of your company boxes.

-Frums

Even worse

[anthony_dipierro]

It's even worse with java applets, for two reasons... One, I don't think you even get the "Jesus!! This software is unsigned!!" message. AFAIK, self-signed java applets simply don't run, or run with lowered privileges.

Secondly, while there are sites out there that let you "share" an SSL certificate with others cohosting on the same server, I don't know of anyone offering this service for signing java applets.

This is complete bullshit, and it really disturbs me that even the GPLed mozilla hasn't solved it.

Re:New Cert provider Certs 119.00

[cdn-programmer]

IMHO you will do just fine. Most ppl will just tell their browser to accept the cert. I've seen this happen from a number of vendors including either M$ or Oracle... I don't quite recall now.

Big Fuss?

[wdr1]

How is a pop-up a big fuss? Also most browsers allow you to permentantly accept the certificate as valid, don't they?

-Bill

Re:Big Fuss?

[J'raxis]

Some browsers (MSIE for Mac is one) don't make it clear that the "problem" is just an untrusted CA. They bring up a vague "A secure connection could not be established" dialog, usually with some alarmist "Warning! What you send could be read in transit!!" warning to boot.

Re:Self-sign

[homer_ca]

If this is an intranet site and you control the desktops, the IE Administrators Kit lets you install additional certificates among other useful things. I looked for a similar feature in Netscape's CCK, but didn't find one.

Governments?

[Hard_Code]

What about governments providing a non-profit cert service? Sure, there is the typical caveat of having to "trust" the government...but how much do you really "trust" Verisign anyway? Governments already certify physical documents...why not electronic ones? You could just get a cert from the government covering the region you operate in (ok, I know on the net this can be worldwide)...from city, to state, to regional, to national, or maybe even international. This might also have the effect of localizing the trust - perhaps as a consumer you don't trust a cert generated by some middle of nowhere town or province...

A list of CAs

[Bri3D]

OK, here are the CAs trusted by Mozilla ABA.ECOM AddTrust AB American Express(No, not a typo) Baltimore CyberTrust BankEngine BelSign CertEngine Deutsche Telecom Digital Signature Trust Company E-Certify Entrust.net Equifax FortEngine GTE GlobalSign MailEngine Verisign/RSA(Yes, this is what it's called!) TC TrustCenter Thawte TraderEngine United States Postal Service VISA ValiCert VeriSign Xcert beTRUSTed So, here are your choices! Choose wisely:-)

become your own CA

[maxwells+daemon]

Hope this is not too late. The practical use of certificates has nearly been destroyed by the CA's that get into the browsers as trusted roots. Here is a way to get things done cheaply.
1. buy a certificate from a recognized CA (Verisign, Thawte, Entrust, etc) for a web server.
2. create your own self-signed certificate in the context of a properly managed CA (you need to know what you are doing)
3. publish the CAs public certificate on a https web page on your server authenticated by the recognized CA
4. tell your users to pick up a copy at your trusted site and install it in their browser (or what ever other client they are using)
5. use your own CA to create subsequent certificates.

Remember that as a CA, you have parties that are relying on you. You need to handle revocation processing and certificate revocation. The good thing is that nearly everyone is producing PKI software these days. If you have a Win2K Serve instance, you have a reasonable PKI. Do things right and there is no reason why you cannot use certificates in a trusted manner.

IPSCA $69 for 2 years 1024 bit

[llZENll]

http://certs.ipsca.com/ I've been using them for a secure site for a while, they even have a free 6 month cert. They work by default in 90% of browsers, no warnings. Basically you pay for what you get, the more you pay, the more browsers someones cert works in, because of root CA updates. But if you can just advise anyone using your site to update thier browser then its not a problem. With as many bugs in all browsers, your flirting with viruses if you don't update them.

Not a good idea for everyone to do it.

[Chuck+Chunder]

The average user becoming used to ignoring security warning is a bad thing.

Part of the trust involved isn't just that I trust the name I see on the site, it's that I really am talking to to who I think I am. Remember, I can create a self signed certificate for www.abcd.com just as easy as the real owner of www.abcd.com. All I need to do then is hijack his DNS (or get my IP address with his name in your hosts file) and you're talking to me and think you're talking to him. And because we're both using self signed certificates we'd both look as real.

That's why the third party is important.

If you have an existing relationship with the people accessing the site (ie you have a channel whereby they can verify the cert once and don't become used to ignoring warnings) this isn't a problem.

Give him a break; he's the Ask Slashdot editor

[yerricde]

Poor Cliff.

Actually, the "by" immediately after the title of a story refers to the editor who posted the story, not to the user who submitted it. Cliff handles Ask Slashdot.

GeoTrust!

[coene]

Its soooo quick (10 minutes) and soooo easy, and it only costs $120 (last I checked). Doesent even need a DUNS number!!! I love it! No more Verisign for me...

(no i dont work for them -- haha)

Calling all free Certificate Authorities...

[marcilr]

This is something that really chaps my ass. It is *easy* to start your own Certificate Authority (CA). The problem is getting your CA recognized in the web browers of the world. In a nutshell you need to pay many fat bribes, on the order of several hundred thousand dollars, to Microsloth, AOL, etc.,etc...to get your CA listed in the browsers. Big companies, like Sun for instance, can afford to do this.

It would be great if some respected non-profit organization like the Free Software Foundation had enough pull to start a free Certificate Authority that could get listed in the browsers.

I'm sure Verisign and the other blood suckers at large would hate, despise, and bring on the legal nazi's against this. Hence it isn't likely to happen anytime soon. To bad since this is a major roadblock to the common use of encryption on the net.

Alas....

The certificate 'business' is a scam for 3 reasons

[Xeger]

1) Almost every known root CA targets businesses as their primary customers. The prevailing mentality seems to be that if you want to secure your HTTP server's connections to members of the general public, you must be running some sort of business. Their cost per certificate is nothing; you are paying them not for the certificate itself, but for a certification of your trustworthiness as a business.

But what if I'm offering a free service, which nonetheless requires that my users have absolute trust in their browsing security? What if I'm running a nonprofit organization? If the CAs were truly interested in security, they would offer a low-cost alternative for people who are offering free services, and perhaps a free certificate for non-profit organizations.

You may point out that I can now get a cheap certificate for $50. While this is true, the low price of certificates these days is the result of market pressure. These guys aren't lowering their prices out of the goodness of their hearts, or to help Joe Q. Webmaster who wants a secure website. They're doing it only in response to competition.

2) 'Wildcard' certificates cost an absurd amount of money, usually $500 or more.

Excuse me? The entire premise of the certification, is that Thawte (or VeriSign, or whoever) is certifying my trustworthiness as an organization. As such, it shouldn't matter whether I have one, ten or a hundred DNS names associated with my website and with my organization. By forcing you to buy separate certificates for your web server's DNS name, your mail server's DNS name, your LDAP server's DNS name and others, they are extracting even more money from your wallet. Even if all my services are hosted on the same machine, I must pay hundreds of dollars extra for the privilege of giving them separate aliases. The only other alternative is to host all of my services on one machine, under one DNS name. Thank you so much, VeriSign, for sticking your nose into my system administration.

And, finally,

3) VeriSign, the biggest fish in the pond, has demonstrated on more than one occasion that it is in fact not trustworthy.

Remember the incident involving a falsely-issued code signing certificate for Microsoft? That's right! This supposed paragon of trustworthiness gave some unknown cracker free reign to masquerade as the largest software company in the world. If they're that damned vulnerable to simple social engineering...then why did I pay them $200 or more, again? What exactly were they certifying?

From the start, the entire digital certificate business has been about politics and moneymaking, nothing more. It's a pity that we're forced to live with it.

Re:Self - Soil

[OsamaBinLogin]

> How can they be reasonably certain the remote server is
> actually who it says it is if the cert is self signed?

They can't. And they may never be able to. Browsers are always putting up bogus marginal security warnings; people have learned to click OK and get on with it.

Security people are really bad at user interface.

Almost any solution will be in the form of "do this and that mumbo jumbo with your browser, go here, do that, trust me". Any imposter site can do the same. The computer is a big ocean of inscrutible complexity. What's a human to do?

I'm not trying to be a troll here; I'm just trying to point out some of the problems. Most people do not understand the Certificate Authority panel, or any other security panel, in their browser, well enough to be able to tell if they're doing the right thing.

Hmmm... this browser I'm on doesn't even have one. OK, internet exploiter - that has one. 85 certificate authorities in the list, as shipped, and it's a security breach if ONE of those CA certs is bogus.

OK, quiz question, here's some of the certs that came built in with Internet Exploder:

SecureNet CA Root au
EUnet Internatioinal Root CA EUnet International
RSA CyberTrust Root RSA Corporation US
Netlock Uzleti (Class B) Tanusitvanykiado Tanusitvanykiadok NetLock

Which one of these did I make up? And, more importantly, how did you decide that it was bogus?

Re:BUSH = RECESSION

[NathanielSamson]

While I must say in my own defense that I was not initially trolling just couldn't resist a little southpark humor. I however find it funny that economy that is 8 trillion dollars in yearly business can be sidetrack by one man, well at least that is what you stated. Ladies and gentlemen the script has flipped, nothing is the way it used to be, economies around the world are hurting. The japanese have had a decade long recession and still there is no light at the end of the tunnel. Corporations kept shoddy books, people defrauded the public. They will pay until thge American people get bored with it on the nightly news. Maybe some good will come out of this, cleaner books, more transparency. To end,before you try and judge a man who is directly responsible for the wellfare of 280 million people, think about that. We are all on this rock together just a littler understanding would be good

I'm Microsoft, gimme a cert! Thanx!

[alienmole]

Maybe it is as much of a scam as we think - otherwise, why did Verisign issue "two certificates to an individual fraudulently claiming to be an employee of Microsoft Corporation"? (CERT Advisory CA-2001-04)

OT: Entrust PKI

[Bishop]

Entrust tried and failed to sell PKI to any one. Until 2000 PKI was Entrust's primary (only) focus. Unfortunately PKI is a solution looking for a problem. There are other problems as well. (Link curtosey of the July 15 2002 Cryptogram)

It is too bad really. Where PKI works, it works well. MS's Passport and Sun's thing are really PKIs waiting to happen.

Re:OT: Entrust PKI

[RobL3]

We use self isued certs to authenticate users to our BtoB site. Better security than password/login, and when you tie all the legal agreements to the cert, non-repudiation becomes a lot less difficult. Of course we haven't had to put it to the test in court......

Re:OT: Entrust PKI

[Ben+Hutchings]

You can repudidate a physical signature if you show that it was forged or made under duress. I don't see why a court would refuse to accept the repudiation of a digital signature for similar reasons.

free certs

[farnsworth]

simply code up an activeX control that appends the following to the client's c:/windows/system32/drivers/etc/hosts file:

ca.verisign.com <your.openssl.server>

WAP browsers don't

[Mike+A.]

If you're trying to create a secure service that works on OpenWave WAP phones, most of the gateways only have a limited selection of allowed root CAs, and don't provide any way for a phone user to accept other certificates. This makes a certain degree of sense, since the limited screen size of a WAP phone would make it prohibitive to inspect a certificate. But the upshot is that you can't use an SSL service from a phone using a self-signed cert.

Be your _own_ CA. Why pay anyone?

[jdreed1024]

from the why-can't-we-be-our-own-certificate-authority dept.

Er, um, you can. It's trivial to be a certificate authority. You simply need to read a couple of HOWTOs and understand how X.509 certificates work. At MIT for example, we are our own CA. The MIT CA signs all other certifiates, such as certificates for machines that offer secure services, or client certificates for users to authenticate themselves for confidential services. Sure, your browser will claim that it won't recognize the certificate authority. But go ahead and download the root certificate, and tell Netscape you want to accept that certificate authority to certify "Internet sites", and you're all set. You only have to do that _once_. Ever. Just make sure that all your server certificates are signed by the certificate authority.

At MIT we get around the "accepting the certificate authority" problem by re-distributing Netscape with our CA alrady in the database. If your organization isn't big enough for this, then just hand the customers printed instructions on how to do it. Tell them by doing this, you're saving them money, with less costs to pass on.

Commercial Certificate Authorities mean jack shit. All they "certify" is "Joe Schmoe paid me $400, so I will now say that he is who he claims to be." Big fscking deal. Who exactly are they to claim that, anyway? Do they have access to Joe's birth certificate? His passport? His social security record? I had to provide more documentation to get a Massachusetts Drivers License than I did to get a certificate from Verisign. Once the general public realizes this, Verisign will need to find a new source of revenue. I envision a future when certificate authorities can be obtained for a nominal processing free ($30) provided the requestor provides proof of identity (or corporate identity).

Check out www.WhichSSL.com

[Nonesuch]

Just this week I have started looking around before we purchase a certificate for a semi-private Internet server. I've found the 'WhichSSL.com' site to be very helpful, especially http://www.whichssl.com/faq/compatibility.html.

Our users are easily alarmed, so we need to use a certificate from CA that is fully trusted by all of the common browsers. This pretty much limits you to Verisign/Thawte. If you expect that most users will have mostly upgraded to more modern browsers, then your available choices increase dramatically.

I am currently considering InstantSSL... so far it's taken two days, and no signed certificate, but the price (free trial, $49/year) is right.

Re:Check out www.WhichSSL.com

[Phroggy]

Another poster pointed out that WhichSSL.com is an advertisement for InstantSSL.com. Check whois.

Carefull of Startup CA's

[funkydollabill]

It might be worth it to use a CA that is established, and looks to be around for a while. (I know, nothing's forever - especially on the 'net...) What I mean is, some CAs are running on VC $$$, and wouldn't it suck if you had to go out and get a new cert when their $$$ dries up and they go outta business. When a CA ceases to exist, there is no real way for your customers to verify the validity of your certificate, as the trusted 3rd party vouching for your company's identity will no longer be in business. This can be extremely important.

Re:Self-sign

[todhsals]

"And they know it's trusted since it came from you"

Was this supposed to be funny? The problem is that they don't know it is from you. If this is what you are teaching users then don't be surprised when they click through any dialog they get while surfing the web. "Are you sure you would like to install the latest network backdoor activex control?" OK

DRM -- You nailed it

[serutan]

Yes, and this is just a preview of the next economic layer that is going to be laid on top of the Internet with the arrival of Palladium. What do you suppose you will have to do to get your content enabled so everybody's PC will be allowed to open it? It's not just a scam, it's maybe the ultimate scam. Inflict the publishing industry's business model on the Internet by taking control of all the hardware connected to it.

These bastards are pure evil.

Re:DRM -- You nailed it

[Dr+Slump99]

Actually it would be a good thing if certificate authorities were a public service managed by the government: it would solve a lot of trust issues, root certificate distribution and suppress Verisign's monopoly. That is, if you couldn't get denied of getting one for any religious or political reason...
(Libertarians will mod me down for involving the government here... oh well! :))

Why they're cheaper

[billstewart]

They acquired a lot of market share early on by getting installed as default roots by IE and Netscape and selling their certs much cheaper than Verisign. So Verisign bought them, but uses them as a lower-priced brand where that's useful for market differentiation, and it beats having them as a competitor.

They've also done some innovative technology, but their basic raison d'etre was to sell certs for a low price, since the cost was also low.

Re:Why they're cheaper

[Nintendork]

I thought it might have something to do with hacker insurance. If your cert is compromised, Verisign will cover the financial losses up to a certain amount. Thawte (Started by the famous and rich S. African space tourist) which is now owned by Verisign doesn't have any hacker insurance.

SSL certs: an introduction

[CBC4]

The term CA refers to a Certificate Authority. A trusted CA functionally means that either it was included in your browser, mail tool, or Java interpreter, or you added it and clicked "trust this cert", or your IT department included it in your desktop load. The main cost in being a public CA is in very expensive lawyers to write a CPS which says how you're liable for certification practices.

For internal use only, there is no reason you can't be your own CA, as long as you prepare a standard client load for all of your internal users. SSL is no less secure, all the cert is used for is negotiating a session key anyway.

If you're going to enroll for more than 30 or so SSL certificates a year, you have a couple of alternatives to keep costs down. You can run a RA, which means you register the certs and a trusted CA signs them (VeriSign operates under this model), or you can get a subordinate CA that is signed by a trusted CA (RSA bought Xcert so they could offer this service).

The first company to offer a tool to let you manage your own CA was Netscape, which became iPlanet, and was bought by Sun. Their documentation is great, read this explanation of the benefits of a Self-Signed Root Versus Subordinate CA.

RSA writes very good docs too, but they're new to the CA business, and I believe the way their KCA product is positioned and pricing model will change. They are mostly interested in customers who use a lot of certs, for now.

entrust

[CBC4]

They're popular in europe, too. I see they're partnering with Sun, but it doesn't look like they're offering an RA or subordinate CA, unfortunately.

Re:entrust

[Conare]

it doesn't look like they're offering an RA or subordinate CA, unfortunately.

You didn't look hard enough. The RA comes bundled with the CA (Oops I mean Security Manager). The CA can be configured to be a subordinate with little trouble during installation.

Re:entrust

[CBC4]

You're right. I was thinking about the partnership with Sun in terms of Sun One (formerly Netscape CA). I wonder at what point they're competing with each other in that partnership? If they'd get together to include that functionality in Sun One, I'd be really interested.

Re:entrust

[Conare]

It looks like there is some information here

becoming a CA?

[DuckWing]

This whole thread begs the question, how does one become a Certificate Authority. Someone started it and others are available if you look at the CA's in your browser prefs. Couldn't a company be their own CA then?

InstantSSL works well for me

[prisoner-of-enigma]

I recently had the same question you do, namely I've got a small site doing a limited amount of business but I still need to accept credit cards and use SSL. Verisign? No way in hell. It'd take me two months to make their fee back in profits. No thank you.

After searching around a bit I found a site called InstantSSL run by an outfit called Comodo. They offer a 1 year 128-bit cert for $49, and you can even try it out for 30 days free of charge. I did, and it works well enough that I haven't had any complaints.

Becoming your own CA is a bad idea

[srichman]

From the original question:

Self signing my certificates works of course, but just about all browsers make a big fuss about it.

Making yourself a CA out of the blue and signing your own certificates is no different in the "big fuss" department, except the browser only makes a "big fuss about it" once for all your websites. So I highly doubt issuing his own CA cert would be any more acceptable to the poster than signing his own cert.

There is another drawback to becoming your own CA that is much more serious, though. I, as a web user, have no real problem accepting a self-signed certificate for an individual website or two. I'm very very hesitant, though, to accept Joe Schmoe as a CA, as this means I have given him the ability to, for instance, authorize whatever certificate he wants as a valid certificate for my bank's website. This is not cool with me. When I'm sending sensitive data over SSL to my bank (and others), I need to know (as much as possible) that the party on the other end of the transaction is who they say they are. My browser (Mozilla) doesn't offer any way to limit the scope of a CA's power at finer granularity beyond "this certificate can identify web sites."

Re:Becoming your own CA is a bad idea

[srichman]

You cited one anomaly out of the millions of certificates Verisign has issued. Verisign does, in fact, try to verify identity, and makes applicants go through a length application process to this end.

If you are claiming that trusted CAs can't be trusted any more than Joe Schmoe, then you are claiming that the entire concept of CAs is useless and should be thrown out the window. Is this really what you intend to be saying?

Re:Becoming your own CA is a bad idea

[CaptainZapp]

You cited one anomaly out of the millions of certificates Verisign has issued. Verisign does, in fact, try to verify identity, and makes applicants go through a length application process to this end.

While this might be true, this is something where you are disqualified after one mistake. It's sort off as giving the $ master printing plates away to anybody who wears a tie and claims to be from the federal reserve.

Even one mistake renders the whole concept doubtful, if not invalid. And the legendary rotten customer service of Network Solutions (a Verisign subsidiary) also doesn't help their credibility much.

If you are claiming that trusted CAs can't be trusted any more than Joe Schmoe, then you are claiming that the entire concept of CAs is useless and should be thrown out the window. Is this really what you intend to be saying?

One might argue, that a certificate which is signed by Verisign and probably belongs to whom it states it belongs is better then no certificate at all (or the one signed by JoShmo Certificate Specialists). Nevertheless, this doesn't excuse this really, really bad mistake, which questions the very core of PKIs.

Possibility for a business?!

[rice_burners_suck]

You have discovered a possible market for a low-priced product. Perhaps you could start your own certificate-signing company that charges, say, 10 cents a day ($36.50 a year) or 5 cents a day if you prepay for five years ($91.31) That's a pretty reasonable price.

Re:Self-sign

[Hobophile]

Would be nice if it was more like ssh where you need not coorporations manipulating ignorant web surfers with big warnings.

Actually, SSL with self-signed certificates is very much like SSH. Ever noticed that the first time you connect to a given hostname, ssh makes a big fuss about how it's never dealt with that host/IP combo before and asks you explicitly if you want to trust it?

The same thing happens with SSL if your certificates aren't signed by a CA. The dialog box that appears states that no one is vouching for the identity of this host and asks you if you want to trust it anyhow. Actually I believe Mozilla now has an option where you can ignore future warnings from the site, meaning it functions much like ssh: warns you the first time if it's someone it hasn't dealt with before, and then encrypts the channel and moves on.

The reason this isn't considered ideal is that encrypted communications is only half the goal; remember SSL is about securing e-commerce, not encrypting shell sessions. So there's another objective: certifying the identity of the server you're connected to. It's all very well if your connection to the online pet food store is encrypted, but if someone has poisoned your DNS entries then what you believe is the pet food store might just be a hacker lying in wait to record credit card numbers for orders his unsuspecting victims place.

Encryption doesn't help you if you can't trust the guy on the other end of the line. Note that this is true even in the case of ssh; if someone has root access on your destination machine it is trivial to capture your password and any other information you send.

Certificates are there to solve this trust problem. How is our erstwhile pet food shopper supposed to know whether his destination is the 'real' petsfoodonline.com he has seen advertised everywhere? Well, simple: a certification authority who performs some form of identity verification has issued a certificate saying that petsfoodonline.com is in fact responsible for the server you're connected to.

Does this prevent all scams? Of course not. You still don't know if petsfoodonline is really trustworthy, nor can you be 100% sure that someone hasn't simply stolen the certificate from that server and set it up on one they control. Certification authorities are part of the security process, not the entire thing. End users and server admins still have significant responsibility.

Without CAs it would be more challenging to determine who to trust online. Some sort of distributed web-of-trust application could probably ease that burden substantially, but then companies would need to win the trust of thousands of independent webs rather than simply paying a flat fee. Thus the CAs, for online vendors, are simply one of the costs of doing business.

That said, I am sure CAs charge more than what it costs them to provide their service, as I don't think their identity checking is all too thorough. What might be preferable is if different classes of certificates existed: higher security for online shopping/banking; lower security and lower cost for general opt-in type services such as webmail. The browser padlock icon could change colors to reflect this or perhaps have a number superimposed on it, or something. Companies could pay more for a higher level of certification, and vendors could charge significantly more for their highest levels. Such a hypothetical ultra-secure rating could even involve a security audit of the target servers and a risk analysis of likelihood of intrusion, rather than merely being a "pay us this and we'll tell everyone you're awesome" option. But I don't see this happening any time soon.

Personally, I use self-signed certificates, and instruct my users to simply add my CA to their Trusted CAs (which is fairly easy to do and no one has had trouble with it.) The main problem with this is that it doesn't scale, to multiple users, whereas the main problem with CAs is that they don't scale (cost-effectively) to multiple servers.

Link

Thawte IS Verisign - bought out a couple of years ago.

When you make a bold claim like that, you should provide a link. I didn't believe you until I looked it up myself.

That SSPCA.ORG site member signup form?

[StupidKatz]

This page, right? ... It is NOT encrypted! (at least not when you browse to it from here. Opera bug, or wacked design? You decide.)

You want interest supporters to send their CC and personal contact info over the net in plaintext? I sure as hell wouldn't sign up as a member online...

Re:That SSPCA.ORG site member signup form?

[GORby_]

I'm using Mozilla 1.1, and the form is encrypted in both cases you mentioned. Guess it must be some browser problem...

Re:That SSPCA.ORG site member signup form?

[Snap+E+Tom]

Go take it up with Opera. There's a redirect that pushes you to the secure version which your browser should then encrypt. It works with NS/Moz and IE. You can see the same bug in action at Wells Fargo's online banking.

And BTW, Mozilla doesn't work with the third party processing company, Bank of America, so don't bother. Blame it on BofA. Mozilla doesn't pass HTTP_REFERRER, which is an optional header. BofA's knumbskull system requires it.

Whose government?

Yet again, the assumption that the world stops at the USA's borders.
Do try to remember that some of us don't answer to Uncle Sam.

Re:Whose government?

[Fastolfe]

How is any of this limited to the United States? Are you saying you do not obtain certification of identity from whatever local government you participate in?

Re:Self - Soil

[jhantin]

Most people do not understand the Certificate Authority panel, or any other security panel, in their browser, well enough to be able to tell if they're doing the right thing.

Usability and security are at least superficially at odds here. Usability dictates that the user should be allowed to do whatever is desired, while security would rather break out the straitjacket. Perhaps a better compromise would be an obscure little option buried in the browser's advanced preferences that, in its default state, would simply not allow the user to click past a security warning. This little problem has more people than just you and I quaking in their collective boots.

Which one of these did I make up? And, more importantly, how did you decide that it was bogus?

Knee-jerk reaction: "SecureNet who?" Second look: "Wait a minute, CyberTrust isn't by RSA."

In any case, GTE CyberTrust is in the default roots, which would have me looking twice if it popped up in a security warning. I remember seeing the remaining two last time I skimmed the CA list.

Disclaimer: I get paid to understand the issues around public-key cryptography and its associated infrastructure, so maybe I should be disqualified from your quiz. :-)

In any case, I'd much sooner trust a self-signed certificate or obviously private CA hierarchy for minor snoop repellent (such as keeping nosy folks away from my 'blog passwords) than one made up to look official but didn't pass muster. Besides, with a self-signed cert, you can always stash a copy of it and have your browser scream if it changes, much like with SSH.

InstantSSL.com

[fwc]

$49/Year.

Almost instant (like 10 minute) issuance.

Trusted by 99% or so of in-use browsers (IE>=5.0, Netscape>=4.x, AOL>=5, Opera>=5).

Works great. Highly recommended.

Re:InstantSSL.com

[blibbleblobble]

$49/Year.
Almost instant (like 10 minute) issuance.
Trusted by 99% or so of in-use browsers (IE>=5.0, Netscape>=4.x, AOL>=5, Opera>=5).
Works great. Highly recommended.


Not entirely the point. Saying "wow, great, only $50 per year, we should use this on our nonprofit sites" is like saying "wow, only $100 per seat for a microsoft patent, we should use this in free software"

Most, if not all people here are running websites for free. Repeat: For Free. And they need encryption to stop ISPs spying on their visitors, not to prove that they're a verisign-approved-person (i.e. credit-card and american drivers' license)

So does OSDN have a root-CA? Does SourceForge have a root-CA? Does GNU have a root-CA? Does linux.org have a root-CA? Does google or DMOZ have a root-CA? No. The only root-CAs available are run by big american businesses for big american businesses, and this is exactly the problem we're discussing.

Paying $50 per year is simply not relevant.

Be your own CA

[nsayer]

Anyone with a copy of openssl can be their own CA. I won't go into tremendous detail, but the end result for the end user is that they will need to import the CA certificate once, and so long as you make that certificate last a long time (which implies that it must be a very large key so as to be cryptographically secure over its lifespan), the actual machine certificates can be recreated anually without requiring the users to approve new keys.

It's also nice to be able to set up multiple hosts or hostnames with certificates. It's truly a one-stop shop.

Of course, the security of the situation is similar to SSH - the first time you connect to an SSH server (or in this case, when the users click on the link to load the CA certificate), they don't have any guarantee that they're not being misled by a monkey-in-the-middle. That, for the most part, is the only thing the $x00 / year and/or the scary browser warnings really buy you.

My site doesn't do any e-commerce, but I do have some users who use Squirrelmail over HTTPS with such a setup. I've gotten no complaints from them about having to add the CA cert. And when I go visit someone else's house, it's sort of second nature for me to add the CA cert to their browser so that when I visit in the future I won't have to do it again. :-)

use your own CA for your backend servers

[iebgener]

You might need a certificate signed by a well known CA for your connections from the internet, but for all your backend server you can create your own CA. This will enable you to use a full strenght 1024/128 bit sll for nothing. There is a project called tinyca which enables you to create and signed certificates with your inhouse CA. So you create a CA for your company and add the CA to all your backend server. Once this is done, any certificate signed by your CA will be valid and fully secured.

I have tested it for Apache and Weblogic and Websphere and they work very well.

Make the CA key much bigger

[nsayer]

I would recommend making the CA certificate's key absurdly large, say, 16384 bits long, particularly if you want it to last 30+ years.

The idea is that this is the thing the users are going to have to all import into their browsers. You don't want to make them do it more than once. But the whole reason keys expire is that with concerted effort over time they can be factored. So you need to make the key length proportional to the expiration period in at least an attempt to insure that the key will remain secure over its lifespan.

The server cert should have a much smaller key, say a kilobit, because it's used a lot more than the CA cert (validating a server cert will be "hard" because its signed by a 16 kilobit key, but once it's done, the certificate is known-good as long as it remains valid), but because of that it should expire anually. But since you have a long-lived CA cert key, the users won't have to do anything when you do replace the server cert.

Of course, all of this is tempered by how paranoid you need (or want) to be.

Rackshack doesn't sign it...

[Nazmun]

Well, I'm not going to state the obvious and say that mod points don't always go the right way. Well directly at least...

In any case you shouldn't have looked for rackshack. They resell Geotrust certs.

It's trust afterall, not a guarantee

[swb]

Remember, I can create a self signed certificate for www.abcd.com just as easy as the real owner of www.abcd.com.

Right. And you can get a real CA signed certificate from many CAs for abcd.com, too, with about (or as little) deception as hijacking DNS if you're willing to do a little Jim Rockford-style deception.

I think the point is that it's trust -- just because a third party is *appearing* to vouch for the authenticity of abcd.com doesn't mean something creepy hasn't happened -- but you have to *trust* that everything's OK. It's like seeing the BBB sticker in a window. Doesn't mean they're not going to rip you off...

Re:Self-sign

[langed]

Self-signing will almost certainly cause errors that are going to scare away your remote (outside) users/customers. So to go SSL with the least fuss for these persons, I think the easiest way is to choose from the owners that are considered "trusted" in a fresh, out-of-the-box Windows installation. To wit:

• Verisign
• Microsoft
• GTE CyberTrust
• KeyWitness 2048
• Thawte

And if you still use Netscape (or expect your users to) then the Certificate Authorities are (Communicator 4.75):

• ABA.Ecom
• AddTrust
• American Express
• Baltimore CyberTrust
• BankEngine
• BelSign
• CertEngine
• Digit al Signature Trust Co.
• E-Certify
• Entrust.net
• Equifax
• FortEngine
• GTE CyberTrust
• GlobalSign
• MailEngine
• TC TrustCenter
• Thawte
• TraderEngine
• USPS
• ValiCert
• Verisign
• Visa International
• Xcert
• beTRUSTed

These certificates are trusted by default, and most (if not all) are self-signed.

To see these under IE, Pull down the Tools menu, Choose "Internet Options", choose the "Content" tab, and click the "Certificates" button. Finally select the Intended Purpose labelled "Client Authorization", and use the right arrow to scroll over and choose "Trusted Root Certification Authorities". The list of certificates will be displayed in the box there, for your easy perusal.
In Netscape Communicator: Communicator menu, Tools, Security Info, Certificates, Signers.

But for proper compatibility, I think we're kinda stuck with IE's smaller list, minus M$ and KeyWitness 2048. So, that leaves:

• Verisign
• GTE CyberTrust
• Thawte

Thawte is also quite pricey, at about US$150 for the first year.

Although, if I remember correctly, you could get away by getting into the "circle of trust" even if your certificate isn't signed by one of these companies. Just get it signed by some company that is signed by one of those listed in the third list above, and theoretically that should be good enough. Although, I'm just speculating here, based on a little too much schooling... :)
(Of course, I've skipped over the whole 40/48/64/128-bit encryption hassles with IE, but that's more an issue for webmasters and a bit outside the scope of this discussion.)

Exactly how is this a scam?

[GreyWizard]

1) Almost every known root CA targets businesses as their primary customers.

So? People who run businesses are entitled to target any subset of potential customers they choose. Usually this means the people most willing to spend money will get the most attention. Nothing obligates a company to be generous toward those providing free services. I agree that this is an unfortunate situation, but it's not the fault of the certificate vendors.

The internet community should establish a trustworthy non-profit body to administer certificates that charges just enough to cover administrative costs. Until that happens we're stuck with a choice between self-signed certificates, self-certified certificates, or profit-oriented services.

2) 'Wildcard' certificates cost an absurd amount of money, usually $500 or more. Excuse me? The entire premise of the certification, is that Thawte (or VeriSign, or whoever) is certifying my trustworthiness as an organization.

Excuse me, but that is completely wrong. An end-entity certificate certifies that you are who you say you are, not that you are trustworthy.

Clearly a wildcard certificate is no more expensive to produce than a more specific one, but the fact remains that this is a market economy and there are reasonable alternatives. There is nothing fraudulent happening here.

3) VeriSign, the biggest fish in the pond, has demonstrated on more than one occasion that it is in fact not trustworthy.

True indeed, but again not a scam. Software is complex and security even more so. Being trustworthy is difficult, and while I see nothing praiseworthy about VeriSign, they should not be vilified for trying and failing. (There are plenty of unrelated things for which they truly deserve blame, but that's another story.)

From the start, the entire digital certificate business has been about politics and moneymaking, nothing more.

Hello? Politics and moneymaking are a legitimate part of society. We get nowhere by turning up our nose at these things. Accept them and get busy making things better.

Re:Exactly how is this a scam?

[Xeger]

People who run businesses are entitled to target any subset of potential customers they choose. Usually this means the people most willing to spend money will get the most attention.

Correct. But when the businesses are trying to establish themselves as providers of an essential service, it is their responsibility to make the service available in some form to all parties, and not just to those willing to pay through the nose.

There're always self-signed certs, true. But some browsers will not accept self-signed certs. VeriSign paint hemselves as providers of critical infrastructure, and people believe them. At my workplace our browsers are configured not to accept certificates without a root CA signature, and we're not allowed to change the list of trusted root CAs. As a result, I can't check my email, visit the secure areas of my website, or easily get at the files on my PC. That's really what pisses me off. Perhaps I went overboard, blaming everybody and his mother for my personal security woes. But I think we agree that a privatized certification system is a terrible idea.

An end-entity certificate certifies that you are who you say you are, not that you are trustworthy.

Sorry, I misspoke. That's what I meant to say, but it was the end of a long workday. If you look at the remark in the context of the paragraph that follows it, you'll see my point: I am who I say I am, regardless of my hostname. "mail", "www", "ldap", "ftp" and "games" are all part of the xeger.net organization, and I see no good reason to pay VeriSign $200 for each of them. I should be able to partition my namespace however I choose.

Politics and moneymaking are a legitimate part of society.

That they are. But the browser vendors are treating this rash of moneymaking politickers as some sort of authority, in which we're supposed to place our absolute trust. They're not. IANA is an authority; VeriSign is a glorified notary public. Want to form an impartial, not-for-profit CA? Fine. But let's see you persuade Microsoft to distribute your public key with MSIE. Without the support of an extant governing body, or a whole lot of cash, you won't get very far.

Accept them and get busy making things better.

To that I can only say...after you, good sir. =)

Just got a cert for $39

[lewp]

Rackshack was selling Geotrust certs for $29. Had this story been posted a day or two earlier you could have gotten in on it :). They seem to be selling them now for $49, which is still *much* better than you'll find from say Thawte/Verisign. They've worked in every browser I tried, though I believe I just saw someone say they don't work in Opera. Oh well, small price to pay to save $120+ on a cert.

Re:Just got a cert for $39

[lewp]

Heh, replying to my own comment. The discrepancy between the price in the subject and the price in the body of my comment is the result of me saying "Oh, yeah, I got one for $39," starting the comment, then checking my online bank statement to be sure I was right and realizing I was charged $29.

I don't know if the original price was a mistake or something on their part since the price has changed since I signed up, but I'm not crazy, I promise :).

Thawte

[sniggly]

I have very good experiences with Thawte, they are very helpful and their website has excellent information for setting up a cert on linux/apache. It also had all the info I needed to pull a cert off an NT box and prep it for Apache w mod_ssl.

I do now notice that Thawte seems to have become a Verisign company. Also GTE Cybertrusts page http://www.cybertrust.gte.com/ seems too barebones for a commercial entity. Seems like verisign is the only choice remaining when it comes to full compatiblity?

Re:How about BBB + SSL cert?

[MickLinux]

It occurs to me that it might work to set up a combination "better business bureau" and "SSL" certification on the web.

Keep everything automated -- however, you get a score for unanswered complaints, answered complaints that are not accepted by the complainent, and such. Score drops too low, you lose your cert.

By doing that, you would actually provide the service of an alternative means of security.

A Scam

[iie1195]

[Ranting, flame if you want... Corrections and thoughts would be most appreciated ;)]

I know you're paying to prove you say who you are, but what's the big deal here anyways? To me, certs are more about encryption than a form of digital ID.

The 'Certificate Authority' is just another scam to monopolize, to a certain extent, encrypted digital transfer of data. If my cert is OpenSSL with myself as the signing authority, the cert is no less or more secure than an 'official' certificate. And even if the site/program is signed by authority, that does not mean you are not being cheated in some way by the issuer.

Blablah, I call for a grass-roots movement demanding the power to self-sign code and sites etc... Who's with me??!? :p

-- iie1195

company called RSA Security

[stud9920]

I looked at a company called RSA Security

• I bought a "computer" by a company called "Apple". Anyone heard of that one ?
• I purchased a "CPU" from a company called "Intel". Anyone knows that one ?
• I bought a "technical book" from a publisher called "O'reilly". I like trying obscure publishers, you never know...

Re:company called RSA Security

[MikeBabcock]

That's exactly what was going through my head -- "You haven't heard of RSA Security and you're dealing with certificates???"

this is a bad idea, security-wise

[Trepidity]

I would be very hesitant to add you, someone I do not know or have a particular reason to trust, as a CA. I wouldn't mind accepting your self-signed certificate to do an SSL transaction with your site, but adding you as a CA is a much bigger security risk. If I do that, you can then sign certificates for any site, including sensitive sites like my bank's. Then you, as a potentially malicious CA, can trick me into accepting false certificates identifying my bank's site.

Thus if you don't want to use a certificate signed by the major CAs, then please just self-sign. I have no problem accepting self-signed certificates, but adding random sites you don't know as CAs is a huge security risk that no one should do (so it'd be nice if you didn't require people to do it in order to visit your site).

Re:this is a bad idea, security-wise

[phallstrom]

I don't know... all an SSL cert does is encrypt traffic b/n your browser and the server. What happens once it gets to the server is completely unknown to you (and the CA certainly doesn't care).

How many shopping carts have you seen that have an "email the submitted orders to" option?

Trusting "Weasel Bob's Computers Online" simply because he's got a cert signed by Verisign is just crazy.

My point is, sure you want your bank's site to encrypt the sessions, but more importantly you want to know what they do with the data once they have it -- and determining this has nothing to do with SSL certs and CA's.

Or put another way, I can SSH into a lot of different boxes, some mine, some friends, some ISPs. All of it is encrypted, but I don't save the same time of data on my ISPs box as I do on mine because once it's there, it's not encrypted...

Seems like it would be nice if websites/browsers worked the same way. Encrypt the traffic and that's it.

Re:this is a bad idea, security-wise

[wkitchen]

You make a good point, especially for general, open-to-the-whole-world applications like e-commerce. But it still seems like a good approach for a company to secure services for it's own private use, both lan and wan. It may be unwise to accept unknown parties as CA's, but your own organization, with which you are intimately familiar, is probably more worthy of trust than the biggest CA's.

Re:Self-sign

[WilliamOfBaskerville]

The CA-signed ones are worthless anyway, because of the recently announced flaw in Internet Explore's cert verification routines.

For any un-patched copy of IE, which I will guarantee is at least 70% of them, the whole authentication side of SSL is totally bogus.

Free code-signing certificate from Thawte

[Danta]

Thawte does offer a free certificate, which can be used to sign your applets. There is a guide on how to sign your code with that certificate. The only thing you need after signing up with them is to get notarized. This will most likely cost you a little money. It cost me around 12$ (yes, twelve dollars!) to become fully trusted and now my Web Start application is signed and trusted to the same degree as all the other expensive ones, for the full price of US$ 12!

Re:Self-sign

[El+Prebso]

Agree, self-signing is the way to go. Personally I often trust the company Im dealing with alot more than I trust Verisign.

If you don't like having to click through the warnings, you can actually do something to the certificates fooling browsers to think it's not self-signed. I don't know how, but a frind of mine figured out how to do this.

US?

Why is it claiming it's a US address, when it's a British city in a British county with a British postcode?

Roll your own using OpenSSL

[gagravarr]

OpenSSL has everything you need to run your own CA. If you need some more docs than those that come with OpenSSL, there are loads out there, including these written by me. I run a CA using OpenSSL, and it's great. Does everything I need. All the internal machines trust the CA, and those external people who need to have also set up their browsers to trust it, so all is fine.

Rock Solid SSL ;o)

I am just setting a site up now that will sell 128bit SSL certificates, compatable with 99% of browsers (same level as Verisign and Thawte), and they will sell for $49.99 per year (or less for multiple years in advance).

www.rocksolidssl.com will launch in about 2 weeks!

There will be a 10% discount for the first week to get things rolling, but just for slashdot readers, I will offer 15% if you put the word "slashdot" in the discount field on the payment form, in the first week.

Can't say fairer than that ;o)

Have fun,

Jamie Burns.

funny +5 Re:free certs

[leuk_he]

This is even more funny than you think: what do you sign your activex applet with? YES a verisign key that says that you are really farnsworth.

Why can't business do this??

[johnlcallaway]

My company has a web presence such we feel that it is in our best interest to use a big gun, such as Verisign, to issue certs even though we know we are getting the shaft. Regardless of whether or not Verisign is doing their job or not asside, Microsoft and Netscape browsers trust them blindly and most of the Internet community doesn't know any better.

Besides, the biggest issue I have is not the $800/year we spend for the 128-bit certificate, but the fact I have to buy one for each server, even if they use the same name (read the license agreement ... it's in there.)

Since customers are required to sign up for our service, why can't we buy one Verisign certificate just for the sign-up server, then require customers to install a new root cert for our company to use our service. In fact, we could make that part of the install process with a 'click here and select OK' message. Most users would blindly click it an go on. Then we could create as many of our own certs for the rest of our servers as we wanted with no cost, and maybe evern 5 or 10 year expirations so we don't have to replace the blasted things every year.

Any thoughts?? I'm sure our marketing department could put together a wonderful page explaining how Verisign trusts us, blah blah blah.

Re:Why can't business do this??

[johnlcallaway]

Sheesh ... another non-technical person trying to push technical solutions. How much did you have to pay Thawte for your initial certificate so you could sign the rest? Maybe I will go into business for myself if every Tom, Dick, and Jamie can do it.

I post to get opinions, not marketing hype. Take it elsewhere. In case you haven't noticed, most /. users are very sensitive to this kind of crap.

just an idea

[truffle]

You could run a proxy that only accepts connections to trusted hosts (your internet appliances). That proxy could itself access the trusted host through SSL, but ignore the warning. The proxy itself would have a valid ssl certificate.

So you'd access URLs like:
http://mysecurehost/mytoaster
http://mysecurehost/mymicrowave
http://mysecurehost/mypenguinnightlight

Re:The certificate 'business' is a scam for 3 reas

[mh_cryptonomicon]

On point number 1, you are absolutely, positively, 100% incorrect. The purpose of a certificate is not to establish that a SSL server operator is a "trustworthy business," it is to assert that a server operator has agreed to a set of behviors that will protect their private key, to provide an indemnification structure, and (optionally) verify that some trusted third party thinks you have a real address that can be served with legal papers should you not properly protect your private key.

To establish that a business is "trustworthy" is an entirely different proposition usually involving accountants, business consultants, and statisticians to evaluate the survey results from their customers. If someone is trying to tell you that a business will adhere to any agreement made with you simply because they are in posession of a valid SSL cert, they are blowing smoke up your kilt.

Also, I'm surprised that you would say that there is no cost associated with issuing a certificate. I'm sure that you administer multiple redundant secure Unix systems for fun, but most people actually have to get paid to do this work.

small correction

[quacking+duck]

Entrust is a company headquartered in the US but with the bulk of the workforce in the US.

That should actually read "bulk of the workforce in Canada", sorry 'bout that.

Re:Everything you need to be a certifying authorit

[the_olo]

Everything you need to be a certifying authority comes with openssl [openssl.org]. It even has a nice perl script to make it easy. What Verisign and co have that you don't is their root certificates installed with the browsers by default.

Not really. OpenSSL lacks a robust OCSP server (the built-in one can only serve one connection at a time!) and relational database integration tools.

And the answer is...

[uberdood]

Fuck karma. I'm tired of crap question with OBVIOUS answers on /.

Go to google.com. Type in: free ssl certificate

It is trivial to find free certs good for 6 months, or $50 certs good for a year.

Re:Be your _own_ CA. Why pay anyone?

[jdreed1024]

the list of supported browsers is pretty thin

Is it now? Gosh, let's see. We support Mozilla 1.x. We support Netscape 4.x. We support Netscape 6.2.x. We support IE 5.5 and above. It evens supports a version of Lynx. What more do you want? The AOL browser?

Re:Self-sign - example

[MagicFab]

List this one.

Verisign, RSAS, & Entrust

[frank_adrian314159]

Has anyone noticed that all of these stocks trade below $5 a share? In the past, a lack of financial wherewithal has caused many companies to engage in *ahem* less than ethical manners */ahem*. Given that what these guys are selling is trust and given that currently thay have much less to lose by being untrustworthy than they had a few short months ago, why should I trust them any more than Joe Bob's Muffler and Certs Shop?

the next step?

[budalite]

Now, the next step. (a little off-topic but it will be taken someday, mayber sooner that later.) Are you really the guy who owns the device or account that is being used? Devices such as fingerprint and/or retinal scanning or just a card-swiper can (supposedly) add another layer of security. How does one "certify" locally or remotely that someone else is who that someone says he/she is? Remote retension of data by the gov't? Maybe, maybe not. Voice recognition? Then, there is the little problem of securing the stuff that secures the stuff that... (umm...gotta go)

(whatever)

Re:the next step?

[Fastolfe]

The actual act of authentication would work with data personally signed by you. If you sign the assertion that basically means "this voice print pattern is my own", any voice authentication mechanism in the world, provided they can validate the certificate chain establishing your identity, will be able to say, "this voice print I just heard matches the voice print asserted by this certificate" and it will allow them access. You've used your own private secret key along with your identity certificate to sign that voice print. It's up to the voice print analyzer to then do a good job of matching it up to something.

Now, this isn't to say that the technology itself isn't flawed. If it has a 5% error rate, that's still a 5% error rate, but that's not a flaw in the system of establishing that voice print assertion. Whoever's relying on that voice print authentication system to provide a level of authentication is doing so knowing the risks.

Actually, I can still see an argument against allowing users to sign something like a voice print. That might be something your local government might have to do on your behalf. Otherwise I could sell the use of my certificate for some other guy's voice if he wanted to get into something he'd otherwise be barred from. *shrug*..

Re:the next step?

[Fastolfe]

When you'd set up an account or device for someone, you (the administrator) would link that account to the person's identity by requiring the user to possess a "certificate" for whatever assertion I want to key off of. This would generally be a link from my username to my real-world name or driver's license number or something, but could easily be linked to a person's job title or role, as signed by the company. The only way I would be granted access is by presenting this certificate just like we do with SSL today.

If I wanted to log into the telephone company's systems to pay my phone bill, I might not even need to assert my identity, I'd just have to assert my ownership of that phone number, via a certificate that the phone company would have granted to me upon assignment of the number.

All of these would presumably go on a fat smart card of some kind, a virtual key ring.

instantssl.com

[jstaylor11]

I had the same dilema. I found a site called instantssl.com, you can get a certificate for as low as $49! Check it out.

Re:The certificate 'business' is a scam for 3 reas

[Xeger]

See my reply to someone else's reply, for a clarification of my point #1. I misspoke, but if you look at the remark in the context of the paragraph, you'll see that I'm talking about identity, and not trustworthiness.

Of course, there is an indirect cost associated with issuing a certificate. There's recurring overhead, the cost of the hardware on which the certificate servers reside, legal costs, etc. But the certificate itself is just a handy mathematical abstraction, and I'm damned sure that the cost to VeriSign per certificate they issue is a damned sight less than $400. If it isn't, that's their problem and they need to seriously reconsider their business practices.

it's for verification of who you're talking to

[Trepidity]

This is one of the weak points of public-key encryption; for it to be effective, you need some way to verify that the person whose public key you're using to encrypt data is really the person who you want to send the data to. With SSH this is typically done by keeping a list of fingerprints of the public keys of known hosts; the first time you connect to a host you're prompted with a warning that it's an unknown host, and asked if you want to add it to your known hosts list. This is a point of failure -- if the first time it turns out to actually be an imposter, you'll have added the imposter's fingerprint.

The SSL key-signing mechanism is intended to avoid this problem by having a company like Verisign that is supposed to be trustworthy. Thus you only need to get Verisign's key in a trusted manner (usually by being distributed with a browser), and then you can verify that all the other keys you get aren't fakes by checking to see if they've been properly signed by Verisign. The only points of failure here are: 1) the possibility of getting a fake Verisign key; and 2) the possibility of Verisign messing up and certifying a fake key. Generally 1) is not a significant problem; 2) may be. Since browsers generally treat all CAs the same, the strength against weakness 2) is only as good as the reliability of the least-reliable of the CAs. This is another reason why adding an unknown CA is a bad idea -- it basically makes the signing system completely useless. If you're going to do that, you might as well just tweak your browser's options to stop warning about unsigned keys altogether, since keys being signed by untrusted random parties isn't any better than them not being signed at all.

It's a fairly difficult problem to solve successfully. With PGP email one method being explored is a "web of trust," where you sign the keys of people you can vouch for (i.e. you known them personally so you can verify that they are who they say they are). This is difficult to scale though, since it only takes a handful of otherwise-trustworthy people to irresponsibly sign keys without properly verifying their authenticity to make the whole system useless (similar to the way it only takes one bad CA to make the system useless, only here the number of points of failure is much higher).

Re:it's for verification of who you're talking to

[phallstrom]

That's my point... people need to use some other method to determine that the site they are visiting is secure/trustworthy/okay/etc. beyond the fact that Verisign thinks it is. And it's clear that you can't trust Verisign...

We're saying the same thing, just differently :)

well, there's two issues

[Trepidity]

Verisign only attempts to do one of them -- verify that the site is who they say they are. Thus when you see "certificate from Amazon.com, signed by Verisign," if Verisign has done their job properly you can indeed be sure that this is Amazon.com's genuine certificate and not a forged one created by a malicious third party intercepting your communications (perhaps at the router level).

Now you're entirely correct that even if that's done, there's the additional question of "okay, so this really is Amazon.com; but is Amazon.com trustworthy?" I don't think the CA system is intended to answer that question; it's merely intended to let you know for certain that your communications aren't being intercepted. Furthermore, I don't think it would need to. The encryption system only needs to verify the authenticity of the other party; to determine the trusthworthiness of the other party, things liek resellerratings.com (expanded perhaps to other issues such as privacy and security) can suffice, since the ratings/review system doesn't need to be built into the encryption infrastructure.

Re:The certificate 'business' is a scam for 3 reas

[Fastolfe]

As such, it shouldn't matter whether I have one, ten or a hundred DNS names associated with my website and with my organization. By forcing you to buy separate certificates for your web server's DNS name, your mail server's DNS name, your LDAP server's DNS name and others, they are extracting even more money from your wallet.

SSL certificates are solely intended to certify the authenticity of a DNS hostname. I also think it's a sham to be selling these for every single hostname. If I as an organization have administrative control over example.com, all I should have to do is buy a certificate that establishes my control over example.com. I should be able to take that certificate and sign sub-domains and hostnames under example.com and distribute those keys throughout my organization however I want to. Validation of those certificates would only extend to the domain name signed by the next certificate up the chain, so I can't just sign www.microsoft.com using my example.com certificate, but it leaves complete control over establishing the authenticity of hosts and sub-domains under my domain to me, which is where it should be.

If it were up to me, SSL certificates would be issued for every domain registration directly from the registrars. Browsers wouldn't trust arbitrary certificate authorities, they'd trust the certificate created for the root DNS zone, which would then be used to sign registrar certificates for the zones they control, and delegation (in DNS and certificates) would proceed from there.

The sole advantage to the system as I see it today is that there's fewer points of vulnerability. The big certificate signing authorities can afford to spend a ton of money securing their keys. But once you start delegating outward, every registrar responsible for the .com zone would have to protect their keys equally well. If one got compromised without them knowing, any .com certificate would be suspect (subject to revocation at a later date, obviously). In addition, if my subdomain.example.com key was compromised and a www.subdomain.example.com host was hijacked, an SSL user-agent would treat it as authenticated. Fortunately the damage would be limited to that subdomain.

Re:Thwate IS NOT THAWTE!!!

[ceejayoz]

Well, that e-mail appears to have worked :-D

Now there's a direct link (not an affiliate one) and no page. Hee hee hee...

Anybody tried it?

[blackhedd]

Does anyone have an example of a reasonable-sized organization using OpenSSL (perhaps supplemented with extra tools beyond the pathetic perl scripts) to self-sign? Seems like you could do all your intranet stuff that way.

Re:Thwate IS NOT THAWTE!!!

[nelsonal]

Sorry, I didn't mean to point anyone in the wrong direction, I forgot the exact name and mistyped it in my browser, and it looked correct. I should have checked better. My apoligies to all.