From: Jorey Bump (list joreybump.com)
Date: Mon May 19 2008 - 11:38:58 CDT
Bill Cole wrote, at 05/19/2008 11:50 AM:
> At 10:05 AM +0200 5/19/08, Mauro Sanna wrote:
>>
>> Use CAcert.org it's free.
>
> That is not so if your time has any value and you have a typical user
> base. User support effort is the biggest reason not to use a self-signed
> cert, and that is at least as significant with any 3rd-party CA that is
> not a part of most users' set of trusted CA's. It is also somewhat
> harder to make the logical case that a user should trust a CAcert.org
> certification of the identity of their mail provider than that they
> should trust that provider's own assertion.

I agree, but perhaps our underlying reason is flawed. It's interesting
that the Debian/OpenSSL fiasco was caused simply because a maintainer
wanted to silence some valgrind reporting. Aren't we guilty of the same
thing if all we want is to stop client software from complaining to our
users, who then will turn around and complain to us?

I set up a CA with the full intention of installing the root certificate
in our clients, until I realized that it would be trivial for certain
types of support staff to create a man-in-the-middle attack. It seems to
me that blindly trusting a root CA has its share of risks, as well.