Re: Slightly OT: SSL certs - best practice?

---

• From: Peter Jeremy <peterjeremy@xxxxxxxxxxxxxxxx>
• Date: Tue, 16 May 2006 19:15:12 +1000

---

On Mon, 2006-May-15 23:53:03 +0100, James O'Gorman wrote:

PS - Once I've worked out how exactly I'm supposed to be doing this,
I'll probably get some "officially" signed certs. I hear CACert are a
good, free way of doing this. Anyone got any comments on that?

I've gone through the CAcert assurance process and it seems to work,
though a lot depends on your access to other assurers. Note that the
CAcert certificates are now part of ports/security/ca-roots though the
issue of bootstrapping remains (how do you know that your roots file
is genuine).

--
Peter Jeremy

Attachment: pgpil2dnnrboN.pgp
Description: PGP signature

---

• References:
  • Slightly OT: SSL certs - best practice?
    • From: James O'Gorman

• Prev by Date: Re: Slightly OT: SSL certs - best practice?
• Next by Date: FreeBSD Security Survey
• Previous by thread: Re: Slightly OT: SSL certs - best practice?
• Next by thread: FreeBSD Security Survey
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2006-05