|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Bill Cole (postfixlists-070913
billmail.scconsult.com)
Date: Mon May 19 2008 - 10:50:33 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
At 10:05 AM +0200 5/19/08, Mauro Sanna wrote:
>> On Sat, May 17, 2008 at 07:20:18PM -0300, Arturo 'Buanzo' Busleiman wrote:
>>
>> > -----BEGIN PGP SIGNED MESSAGE-----
>> > Hash: SHA512
>> >
>> > Hi group! Sorry for the OT. I'd like to implement SSL Certificates in my
>> > Postfix. Truth is there are
>> > lots of certificates available to be bought. Expensive ones, cheap ones...
>> > there's also openca. Of
>> > course, I don't want to use a self-signed one. Any recommendations? Again,
>> > sorry for the OT.
>>
>> What's wrong with self-signed certificates? They work just fine for SMTP,
>> nobody checks SMTP certificate validity withour prior agreement with
>> specific sites. The vast majority of SMTP certs are self-signed.
>>
>
>Use CAcert.org it's free.
That is not so if your time has any value and you have a typical user
base. User support effort is the biggest reason not to use a
self-signed cert, and that is at least as significant with any
3rd-party CA that is not a part of most users' set of trusted CA's.
It is also somewhat harder to make the logical case that a user
should trust a CAcert.org certification of the identity of their mail
provider than that they should trust that provider's own assertion.
--
Bill Cole
billscconsult.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]