On 04/12/14 19:40, Eric Mill wrote:
(Setting aside how awful the CA system is generally...)
For those who still have a need to participate in it, and for those angry at StartCom's refusal to waive[1][2] revocation fees for their free class 1 certs, what's the best CA for the job?
Even if not free, I'm looking to recommend[3] something priced attractively for individuals and non-commercial uses. The friendlier the interface, and the more reliable and principled the customer service, the better.
Read the draft of Peter Gutmann's big book called Security Engineering. [1] It tell (among things) the story that people accept scary warnings a signal that a site is secure. Even if the opposite it true. I suggest to create a self-signed certificate. (Unless you're a bank as Firefox warns against that). Guido. 1: https://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf