Boost :

Subject: Re: [boost] [website] SSL certificate
From: David Abrahams (dave_at_[hidden])
Date: 2010-08-16 12:39:08

• Next message: Rene Rivera: "Re: [boost] [website] SSL certificate"
• Previous message: Eric Niebler: "Re: [boost] [website] SSL certificate"
• In reply to: Rene Rivera: "Re: [boost] [website] SSL certificate"
• Next in thread: Rene Rivera: "Re: [boost] [website] SSL certificate"
• Reply: Rene Rivera: "Re: [boost] [website] SSL certificate"

At Mon, 16 Aug 2010 07:33:04 -0500,
Rene Rivera wrote:
>
> Just because a cert is not signed by a built-in CA doesn't make it
> invalid. Having either self signed certs or locally signed certs is a
> common occurrence (I do it for most of my own HTTPS/SSH sites). So I
> don't see a real reason to start paying a major CA for them to sign a cert.

I know that, but a lot of people don't. And web browsers are making
untrusted CA signatures look increasingly alarming---it makes people
nervous and degrades trust in Boost. I suppose, pretty soon, we may
not need to have any https stuff on our own domain anyway, but as long
as we do have to do that, it would be good to have a cert that doesn't
raise any alarms.

-- 
Dave Abrahams
BoostPro Computing
http://www.boostpro.com

• Next message: Rene Rivera: "Re: [boost] [website] SSL certificate"
• Previous message: Eric Niebler: "Re: [boost] [website] SSL certificate"
• In reply to: Rene Rivera: "Re: [boost] [website] SSL certificate"
• Next in thread: Rene Rivera: "Re: [boost] [website] SSL certificate"
• Reply: Rene Rivera: "Re: [boost] [website] SSL certificate"

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk