WebApp Sec mailing list archives
Re: how to secure a commercial web site
From: Sean Radford <sradford () bladesystems co uk>
Date: Wed, 12 May 2004 08:47:48 +0100
While not directly appripriate to the thread... It's a shame the Simple Public Key Infrastructure isn't in widespread use. I don't suppose anyone knows of any SSL (or SSH) implementations that support it? Sean On Tue, 2004-05-11 at 17:17, Jeffrey Weiss wrote:
You can generate your own CA for free, and sign the site cert against this CA, but it won't be recognized by the browser and therefore is not trusted. If you're doing commerce this is not good enough. It will work for ensuring encrypted communications, but not "trust". You have to pay for trust; the security part is free. Jeffrey On Tue, 2004-05-11 at 04:11, info () biledge com wrote:hi, i am trying to secure -SSL certificated- a commercial web site without using verisign, global sign, etc. it seems there is a monopoly an i want to be out of it. does anyone know a better way to secure the web site or do i have to pay money, (even) for security ? regards, bilur
-- Dr. Sean Radford, MBBS, MSc sradford () bladesystems co uk http://bladesys.demon.co.uk/
Current thread:
- how to secure a commercial web site info (May 11)
- Re: how to secure a commercial web site Jeffrey Weiss (May 11)
- Re: how to secure a commercial web site Sean Radford (May 12)
- <Possible follow-ups>
- RE: how to secure a commercial web site Levenglick, Jeff (May 11)
- RE: how to secure a commercial web site Griffiths, Ian (May 11)
- RE: how to secure a commercial web site info (May 12)
- RE: how to secure a commercial web site Jason Gregson (May 12)
- Re: how to secure a commercial web site Rogan Dawes (May 12)
- RE: how to secure a commercial web site Levenglick, Jeff (May 12)
- Re: how to secure a commercial web site Jeffrey Weiss (May 11)