[AusNOG] Lets Encrypt
Colin Stubbs
colin.stubbs at equatetechnologies.com.au
Wed Nov 19 13:03:48 EST 2014
Correct. They shouldn't be in any trusted bundles because cacert.org does
absolutely nothing to validate anything more than the ability to read an
email.
StartCom, as weird as they are an as irritating as their interface is, at
least do go to reasonable lengths to validate personal and business
identity.
Though they may also try to get you to jump through oddly shaped hoops
where you will enjoy lovely conversations that basically flow like below,
if memory serves correctly,
Me: "Hello this is Colin speaking."
StartCom: "Hi, are you $FULL_NAME born on $DOB"
Me: "It would appear so, given you called me after I gave you this number
via email a few minutes ago."
StartCom: "Do you have a direct land line number we can call you on?"
Me: "No."
StartCom: "Why don't you not have a direct land line number we can call?"
Me: "2014"
StartCom: "Can you fax us your documents?"
Me: "No"
StartCom: "Why can't you fax us something?"
Me: "2014"
StartCom: "Do you have a fax number we can send a fax to?"
Me: "No"
StartCom: "Why don't you have a fax number we can send you something to?"
Me: "2014"
On 19 November 2014 11:41, Ben Cooper <ben at zeno.io> wrote:
> They got taken out of the majors a few years back due to their auditing
> failing to pass the test.
>
> If memory serves.
>
> On Wed, Nov 19, 2014 at 11:34 AM, Peter Tiggerdine <ptiggerdine at gmail.com>
> wrote:
>
>> cacert.org as well which seems more transparent about the processes and
>> policy that govern their setup. Not use if their root ca cert appears in
>> all the browsers/Operating Systems which is always the hard part.
>>
>> On Wed, Nov 19, 2014 at 11:18 AM, Jeremy Visser <jeremy at visser.name>
>> wrote:
>>
>>> On 19/11/14 10:34, Ernie wrote:
>>> > It's going to be a non-profit organization that issues free
>>> > certificates for any website.
>>> >
>>> > My question is, will this screw up companies like Verisign/Thawte
>>> > sales?
>>>
>>> Given that StartSSL have been around for years, and do exactly that: no.
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>
>
> --
> --
> Ben Cooper
> CEO
> Zeno Holdings PTY LTD
> P: +61 7 3503 8553
> M: 0410411301
> E: ben at zeno.io
> W: *http://zeno.io <http://zeno.io>*
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20141119/643ea8d2/attachment.html>
More information about the AusNOG
mailing list