[Ach] StartSSL for Business Sysadmins
Tobias Dussa (SCC)
tobias.dussa at kit.edu
Tue Jan 14 08:51:37 CET 2014
On Mon, Jan 13, 2014 at 08:42:15PM +0100, Rainer Hoerbe wrote:
> My point was that a highly secure cert from SuperSecureCA.com does not make my
> server better, because it can always be impersonated from weaker CAs. It is
> the lowest common denominator that counts.
That depends entirely on how the client is set up and CAN be addressed. That is
EXACTLY the point: Whining about how everything is broken if implemented in a
stupid way is nice, but what is needed is some advise on what to do about it
> Those "Free" packaged are not really free. Either the cert is a marketing
> tool, or there is some other business model. Startssl.com ist not 100% free,
> e.g. they charge for revocation.
So what's the business model for CAcert? Or for the DFN PKI?
> Linux is not user-friendly.
It _is_ user-friendly. It is not ignorant-friendly and idiot-friendly.
(Seen somewhere on the net.)
Karlsruhe Institute of Technology (KIT)
Steinbuch Centre for Computing (SCC)
CERT Manager, CA Manager
76131 Karlsruhe, Germany
Phone: +49 721 608-42479
Fax: +49 721 608-9-42479
Email: tobias.dussa at kit.edu
KIT – University of the State of Baden-Wuerttemberg and
National Laboratory of the Helmholtz Association
More information about the Ach