[Ach] StartSSL for Business Sysadmins

L. Aaron Kaplan kaplan at cert.at
Sun Jan 12 17:38:40 CET 2014


On Jan 12, 2014, at 5:35 PM, Aaron Zauner <azet at azet.org> wrote:

> Hi,
> regarding recent discussion of Certificate Authorities and where/how to
> buy stuff: in my opinion that is not something we should discuss here,
> neither in the paper nor on the mailing list. This information is easily
> available on the internet. We also do not need a guide for that as Ahmad
> suggested. I'm sorry, but that's not only out of scope but marketing for
> commercial vendors that make their money by providing a false sense of
> trust. And they are in fact doing it very poorly, often involving
> security risk for customers or sub-CAs.

To add to this:

The disclaimer section says:

"This guide does not talk much about the well-known insecurities of trusting a public-key infrastructure (PKI). Nor does this text fully explain how to run your own Certificate Authority (CA)."

Maybe this should move to a separate guide? It is indeed a big topic.


// L. Aaron Kaplan <kaplan at cert.at> - T: +43 1 5056416 78
// CERT Austria - http://www.cert.at/
// An initiative of nic.at GmbH - http://www.nic.at/
// Company register number 172568b, LG Salzburg
