-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, November 03, 2008 1:46 PM To: dev-tech-crypto@lists.mozilla.org Subject: Re: someone else complaining about "Mozilla SSL policy"
On 3 Nov., 14:40, "David Stutzman" <[EMAIL PROTECTED]> wrote: > I think we covered this before and he misses the fact that there are free > alternatives out there like StartSSL that I use (Thanks Eddy!). This would only be true if the StartCom root would be included in Firefox 2, Windows, MacOS and Opera. At least in Windows its not included; StartCom is apparently not part of Microsofts root certificate program: http://support.microsoft.com/kb/931125 Or am I missing something, Eddy? Sorry, but its a little bit unfair to point people to StartSSL when they experience the Firefox SSL UI blues. They will get complaints from all those other browser users after they happily installed the free StartSSL certificate on their server. Its just bad advice, given with some big Mozilla blinder. Even Firefox 2 users are left out. Nothing against StartCom, but its prominent role in the Firefox SSL UI discussion doesn't seem justified. ------------- (I hate Outlook...) I do realize my situation isn't the same as everyone else's. I currently use StartSSL certificates for 4 services: my smtp, imap, primary webserver and IPCop router's web interface. My services are primarily consumed by myself but I do have a handful of people that either use email or have personal websites. For this type of environment StartSSL is perfect. I honestly don't care if a warning shows up when someone using IE accesses my website. I tell all my users that if they use Firefox/Thunderbird/SM/etc then it will "just work". For me, free is better than that small inconvenience for other people. For anyone else that needs it to work in all/most browsers, isn't it possible to get an SSL cert for around $20 a year? I mean, if you can afford the domain name registration and possibly webhosting or your consumer ISPs monthly fee, then another $20 isn't such a big deal. I'm in the camp where the strong binding of identity to public key isn't the most important thing to me. I just like the fact that I'm getting encryption and I'm not using self-signed certs. I'd probably set up a Dogtag installation at home and roll my own certs before I paid $20x4 for SSL certs. Dave _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
