[colug-432] ca-cert meetups?

Andy Graybeal andy.graybeal at casanueva.com
Sat Oct 23 14:10:34 EDT 2010


On 10/23/2010 01:38 PM, R P Herrold wrote:
> On Sat, 23 Oct 2010, Andy Graybeal wrote:
>
>> I work for a small co-op in Athens, Ohio, and I was wondering if anyone
>> knew of any CA-Cert gatherings to meet and identify. I'd like to get a
>> cert for our organization.
>>
>> I think I read a few years ago about the cbus lug doing this?
>
> ... formerly ...
>
> The politics of certificates making it into the 'default' bundle in a
> browser, makes a cacert certificate not worth much, as the cacert folks
> have simply not 'succeeded' in solving 'jumping through the needed hoops'
>
> I personaly concluded to go another way, to 'startssl.org' which has
> fairly minimal hurtles for issuing a certificate countersigned by a
> certificat that IS in the default store.
>
> With progressive authentication verification at minimal cost, one can
> end up able issue as many certificates as one needs with no incremental
> cost. (I am also 'qualified' in their 'notary program', but have not
> really seem much benefit to that so far). This 'amortizes' that fixed
> cost away to negligible
>
> We have several hundred domains under management, and so the savings
> made this worthwhile. It should be that the 'received path' in the
> headers of this email show an 'OK' status, indicating that the content
> transited through SSL layers, and that each stage (except from
> 'localhost' to 'bronson.owlriver.com' was not encrypted ... but that did
> not transit a network, as the localhost I compose on IS
> bronson.owlriver.com)
>
> -- Russ herrold
>
Russ,
Thank you for your advice.  I will chew on it.

What do you suggest I do to get my company verified (we are a for-profit 
coop corp).  We would like to have a web store and run a VPN.  Verisign 
is very expensive.

Is StartSSL only for individuals?

-Andy




More information about the colug-432 mailing list