Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] free certs everywhere

On 12/22/2014 10:43 PM, Tom Metro wrote:
> Probably a big reason this never happened is that when CAs were being
> established, all that existed were basic certs. The extended validation
> certs and other value added services were only thought up later. Once
> the industry was established, hard to correct for that lost opportunity.

You have it backwards. The early certificate authorities like Thawte 
were all about identity verification. X.509 is not an encryption system; 
it uses encryption as a mechanism to prove identity. Getting a "public" 
certificate -- that is, a certificate from a CA in Netscape's trust 
storage -- back then was expensive and time-consuming since the handful 
of extant CAs bothered with things like background checks to ensure that 
certificate requests were valid. A CA didn't get listed in Netscape's 
trust storage if it didn't. The proliferation of cheap, minimally 
verified or unverified certificates is a product of the dot-com bubble 
which came several years later.

-- 
Rich P.
BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix / webmaster@blu.org