"Leland V. Lammert" <[EMAIL PROTECTED]> writes:
> At 03:09 PM 6/12/00, you wrote:
> >Interesting... I don't quite understand what the preloaded root certs
> >have as extra value.
>
> The ONLY reason for e-commerce folks to sign up with a Root Cert CA
> (like Verisign or Thawte) is to prevent the nasty messages when a
> user initiates an SSL connection. Other than that, I, for one, will
> continue to use our self-generated certs <g>.
This message confirms something I've long believed: The messages that
the browser puts up to warn you of errors in certificate verification
are worthless because users don't understand what they mean and will
blithely click through them.
If users accept certificates without some independent way of verifying
the identity of the signer, then this obviates the entire point of
certificates, which is to prevent active attack on the connection.
The vast majority of the complexity of SSL is there to prevent
active attack. By choosing to use unauthenticated certificates,
you are opening the door to a broad class of attacks.
-Ekr
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
