On Mon, 2006-01-23 at 22:18 -0500, Thomas E Dukes wrote: > > > -----Original Message----- > > From: centos-bounces at centos.org > > [mailto:centos-bounces at centos.org] On Behalf Of Jeff Lasman > > Sent: Monday, January 23, 2006 9:51 PM > > To: CentOS mailing list > > Subject: Re: [CentOS] Self-signed certificates > > > > On Monday 23 January 2006 05:44 pm, Thomas E Dukes wrote: > > > > > I'm not trying to be cheap but this is a crock! 128 bit is 128 bit! > > > Browsers should be able to recognize the encryption method, not the > > > name. I mean, that's what its all about. > > > > Hmmmm... You've lost me again <frown>. > > > > If you mean cert distributors, you can buy certs for about > > $10 from GoDaddy, and yes, browsers recognize them. > > Is that with their hosting package or can you buy it outright? And browsers > will accept them without a "security alert"? > Their (godaddy) wildcard cert is $199.00/yr (turbo) or $299.00/yr (high assurance) Their individual site same certs are $19.99/yr (turbo) or $89.99 (high assurance). Here is the difference: https://www.godaddy.com/gdshop/ssl/compare.asp?se=%2B&app%5Fhdr=99 For internal stuff, I would use only a signed certificate. I created one for 10 years for my company for internal websites. > > > > If you mean the browser should recognize the cert as a cert > > and not care about the name it's issued for, that can't work > > because the purpose of a cert is to guarantee you're talking > > to whom you think you're talking to. So the domain name has > > to be in there. > That is why a wildcard cert is good. Many companies are doing wildcard certs now. They are for *.yourdomain.com ... so mail.yourdomain.com and www.yourdomain.com and test.yourdomain.com are all valid with that certificate. > The name I was referring to was the issuing authority not the domain name > for which it was issued to. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos/attachments/20060124/fa06e37f/attachment-0005.sig>