On Fri, 13 Mar 2015 14:04, mw...@iupui.edu said: > A CA that charges nothing cannot afford to do much (any?) checking of > the assertions in my CSR. The resulting signature thus cannot have > some of the meaning that a more thoroughly investigated CSR can
Given the implicit cross certification of all CA in the browsers this does not matter. Except for those who tightly control their Root CA but that is a rare case and not really practical. The more expensive CAs are only selling you a fashionable background color for your the client's address bar. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users