[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: free SSL CAs?
Sam Quigley wrote:
>
> I've set up my own CA, and given myself my own cert., but having the same
> server you're interacting with being the one that's the CA for the
> transaction leaves the setup open to man-in-the-middle attacks (I'd think,
> at least...).
It's up to the user (at least with the Netscape Navigator) to decide
what CA certificates or particular server certificates to trust.
Self-signed certificates are logically at the root of any certificate
chain.
PK
--
Philip L. Karlton [email protected]
Principal Curmudgeon http://www.netscape.com/people/karlton
Netscape Communications Corporation
Everything should be made as simple as possible, but not simpler.
-- Albert Einstein