Re: FN-FORUM: SSL and certificates

date posted 1st August 2003 20:18

On Fri, 1 Aug 2003, Manjit Singh wrote:

> I am little confused. New to SSL.
>
> There are self-signed certificates and those provided by PayPal,
> Verisign, Thawte. Which is the best root for a small business (books,
> musical instrument seller). I'm thinking self-signed.

They're /functionally/ equivalent in that either will allow client browsers
to encrypt their communications. But unless your cert is signed by a
well-known CA (e.g. Verisign, Thawte, etc), then your users' browsers will
pop up a scary warning message, which may put them off buying from you - the
equivalent of "a bloke down the pub selling guitars from the back of a van".

Of course, given how few users check the certificates they're offered, and
given how little checking is needed to get a basic cert, the point is
usually somewhat moot anyway. But the users don't get the scary warning with
a CA-signed cert. ;-)

> Manjit

Best Regards,
Alex.
--
Alex Butcher Brainbench MVP for Internet Security: www.brainbench.com
Bristol, UK Need reliable and secure network systems?
PGP/GnuPG ID:0x271fd950