> > > Can't A. Random Badguy assert his own identity just as easily
> > > as B. Random Goodguy can? If so, what does self-certification
> > > buy you?
> >
> > Frankly I trust Messrs. Badguy and Goodguy at least as much as I
> > trust Verisign. And the SSL at least prevents password snooping
> > and man-in-the-middle attacks.
>
> That's not the point. The purpose with a well known signer is that
> the Public trusts them. We don't care about the developer - he
> knows who he is.
>
> That SSL works is also known. So it comes down to give the public
> a nice and warm feeling when they enter confidential information.
1. Data sent over the connection is encrypted.
2. The client can verify who is receiving the data (or vice-versa
if you want to swing that way).
The second tends to include a price :(. For small potatoes stuff,
#1 is often good enough. It boils down your requirements, cost vs.
benefit, etc.
~ Daniel
________________________________________________________________
Get your name as your email address.
Includes spam protection, 1GB storage, no ads and more
Only $1.99/ month - visit http://www.mysite.com/name today!
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:06:09 EDT