[70085] in North American Network Operators' Group
Buying and selling root certificates
daemon@ATHENA.MIT.EDU (Sean Donelan)
Wed Apr 28 20:00:08 2004
Date: Wed, 28 Apr 2004 19:59:31 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
Not that SSL certificates are worth the paper they aren't printed
on; I still find this vaguely disturbing. Just who do you think your
computer is trusting?
http://www.websheji.com/domain-names/news/id506.html
Bob Parsons, CEO of Go Daddy, said that Starfield Technologies, a
subsidiary of the company, bought an unused root certificate, trusted by
99% percent of the browsers from ValiCert Inc more than a year ago has
been developing the system since then.
I'm not that interested in SSL for web servers, but I have noticed a
gradual increase in the number of mail servers willing to STARTTLS with
mine. I was experimenting with trying to verify some of the certificates
presented, its not real security, but makes the logs cleaner.
