[65716] in North American Network Operators' Group
Re: Does your Certifying Authority have a clue who you are? Do they
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Fri Dec 5 13:35:46 2003
Date: Fri, 05 Dec 2003 13:32:07 -0500
From: Suresh Ramasubramanian <suresh@outblaze.com>
To: Valdis.Kletnieks@vt.edu
Cc: Mark Foster <mark@foster.cc>, nanog@nanog.org
In-Reply-To: <200312051828.hB5ISAps017662@turing-police.cc.vt.edu>
Errors-To: owner-nanog-outgoing@merit.edu
Valdis.Kletnieks@vt.edu writes on 12/5/2003 1:28 PM:
> The three ways to disable the popup:
>
> 1) Have the user accept a CA cert for your site. Help Desk Nightmare.
> 2) Have the user disable the popup. Help Desk Nightmare.
> 3) Get the top-level-CA cartel to accept your CA cert in the list of ones
> bundled into IE.
4. For ISPs looking to run SSL sites for their own users - distribute
copies of IE and Mozilla / Netscape that have your cert embedded in already.
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
