On Sat, 3 Aug 2002, Marcin Sochacki wrote: > On Sat, Aug 03, 2002 at 05:26:54PM +0200, Teun Vink wrote: > > You can do 2 things: buy a certificate from a trusted party (e.g. Thawte > > or OpenSRS), or use an unsigned certificate. You can create an unsigned > > certificate yourself, but visitors of the https-site will be notified that > > the cert is unsigned. A certificate should cost you somewhere between $100 > > and $200 a year... > > To be exact, the certificate is signed in both cases, the difference is > in the signing authority. Thawte, Verisign are trusted (in theory), > your own CA (Certificate Authority) if not trusted, and that's why > most browsers complain when entering such a website. > [...]
You're right. But the result for the person visiting the website is that a self signed certificate is usually marked by their browser as "untrusted", resulting in a warning, while a certificate signed by a trusted party is not. Teun -- "If an infinite number of monkeys sit at an infinite number of typewriters and randomly press keys, they will eventually produce the source code of MS-Windows."
