free SSL CAs?
Philip L. Karlton
karlton at netscape.com
Mon Nov 4 16:35:04 PST 1996
Sam Quigley wrote:
>
> I've set up my own CA, and given myself my own cert., but having the same
> server you're interacting with being the one that's the CA for the
> transaction leaves the setup open to man-in-the-middle attacks (I'd think,
> at least...).
It's up to the user (at least with the Netscape Navigator) to decide
what CA certificates or particular server certificates to trust.
Self-signed certificates are logically at the root of any certificate
chain.
PK
--
Philip L. Karlton karlton at netscape.com
Principal Curmudgeon http://www.netscape.com/people/karlton
Netscape Communications Corporation
Everything should be made as simple as possible, but not simpler.
-- Albert Einstein
More information about the cypherpunks-legacy
mailing list