From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.50) id 1Ec8op-0005aD-Ds for garchives@archives.gentoo.org; Tue, 15 Nov 2005 21:58:23 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.5/8.13.5) with SMTP id jAFLuott025262; Tue, 15 Nov 2005 21:56:50 GMT Received: from pug.dmallwitz.net (pug.dmallwitz.net [209.249.182.192]) by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id jAFLqp1N010210 for ; Tue, 15 Nov 2005 21:52:52 GMT Received: from localhost (localhost [127.0.0.1]) by pug.dmallwitz.net (Postfix) with ESMTP id 6939F4436A1 for ; Tue, 15 Nov 2005 16:52:48 -0500 (EST) Received: from pug.dmallwitz.net ([127.0.0.1]) by localhost (pug [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 31043-10 for ; Tue, 15 Nov 2005 16:52:46 -0500 (EST) Received: from [10.233.148.147] (drm.dsl.patriot.net [209.249.182.204]) by pug.dmallwitz.net (Postfix) with ESMTP id 5A6174436A0 for ; Tue, 15 Nov 2005 16:52:46 -0500 (EST) Message-ID: <437A58D0.9050607@dmallwitz.net> Date: Tue, 15 Nov 2005 16:53:20 -0500 From: David Mallwitz User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) X-Accept-Language: en-us, en Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] OT - SSL certificate authorities References: <437A4861.7050500@gmail.com> In-Reply-To: <437A4861.7050500@gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at dmallwitz.net X-Archives-Salt: 839ea054-cce2-404b-a1d3-903e153ae280 X-Archives-Hash: 5dbcc4544e476175b7a414f6429f99e2 Antoine wrote: > Hi, > We are going to set up ssl on a webserver at work and I guess that means > we need a certificate... does anyone have any useful alternatives to > Verisign? Are they really worth the name? > We are not going to be doing any monetary transactions but our clients > are very security conscious (who isn't!) and I have no experience in > these matters. I am certain the boss will want verisign, as he buys a > lot of stuff just for the name but if I can offer him a comparable > alternative at a fraction of the cost he may go for it. > Cheers > Antoine I prefer Geotrust (http://www.geotrust.com/) to Verisign for third party signed certificates. Remember that your web server must be properly configured (http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html) in order to offer any real security. Best, Dave -- gentoo-user@gentoo.org mailing list