| View previous topic :: View next topic |
| Author |
Message |
waverider202
Tux's lil' helper
Joined: 25 Sep 2002
Posts: 146
Location: Drexel University
|
 Posted: Thu Oct 17, 2002 4:24 pm Post subject: signing a certificate |
 |
|
I'm running a private server. Its only for my friends, family, and me. I would prefer that the invalid certificate dialog box did not come up. Is there a way for me to sign the certificate so that that dialog box does not come up (ie pretend to be verisign since its not a produciton server)
_________________
 |
|
| Back to top |
|
 |
Messiah
Tux's lil' helper
Joined: 30 Apr 2002
Posts: 139
|
| Posted: Thu Oct 17, 2002 5:08 pm Post subject: |
|
|
| Nope, not that I know of. The only way is to import the certificate (in IE, in Mozilla/Netscape you can just "Remember this certificate"). |
|
| Back to top |
|
|
rac
Bodhisattva
Joined: 30 May 2002
Posts: 6553
Location: Japanifornia
|
| Posted: Thu Oct 17, 2002 5:21 pm Post subject: Re: signing a certificate |
|
|
| waverider202 wrote: | | pretend to be verisign |
If this were possible, what would be the point of VeriSign's existence?
_________________
For every higher wall, there is a taller ladder |
|
| Back to top |
|
|
waverider202
Tux's lil' helper
Joined: 25 Sep 2002
Posts: 146
Location: Drexel University
|
| Posted: Thu Oct 17, 2002 6:25 pm Post subject: verisign's existance |
|
|
I honestly don't see a point in verisign's existance
_________________
|
|
| Back to top |
|
|
rac
Bodhisattva
Joined: 30 May 2002
Posts: 6553
Location: Japanifornia
|
| Posted: Thu Oct 17, 2002 7:02 pm Post subject: Re: verisign's existance |
|
|
| waverider202 wrote: | | I honestly don't see a point in verisign's existance |
They provide the service of verification. In a web of trust, two parties may agree on a mutually trusted third party, in lieu of physical key exchange. VeriSign makes sure that people that apply for certificates really are who it says in the certificate. They (and other root CAs) sign your certificate with a private key, and the corresponding public key to that root CA key is included as trustworthy in browsers.
If anyone could self-sign keys and effectively become their own root CA, there would be no way to guarantee that a certificate is valid, and the entire point of having them in the first place would evaporate. I suppose it would be useful to have the ability to import root CA public keys into individual browsers, so that from there on out, all certs signed by that CA would be accepted.
_________________
For every higher wall, there is a taller ladder |
|
| Back to top |
|
|
OdinsDream
Veteran
Joined: 01 Jun 2002
Posts: 1057
|
| Posted: Sun Oct 20, 2002 8:42 pm Post subject: |
|
|
It seems like someone would have set up a certificate authority open-source project by now.
The type of stranglehold that Verisign and NetworkSolutions have on domain control and certificate signing is very disturbing, to say the least.
I'd much rather trust a 3rd party who doesn't stand to gain money from the signing of certificates, myself. |
|
| Back to top |
|
|
|
Networking & Security
