17 Dec
2003
17 Dec
'03
11:17 p.m.
Sam Quigley wrote:
I've set up my own CA, and given myself my own cert., but having the same server you're interacting with being the one that's the CA for the transaction leaves the setup open to man-in-the-middle attacks (I'd think, at least...).
It's up to the user (at least with the Netscape Navigator) to decide what CA certificates or particular server certificates to trust. Self-signed certificates are logically at the root of any certificate chain. PK -- Philip L. Karlton karlton@netscape.com Principal Curmudgeon http://www.netscape.com/people/karlton Netscape Communications Corporation Everything should be made as simple as possible, but not simpler. -- Albert Einstein