Linked by Thom Holwerda on Fri 29th Aug 2008 13:23 UTC, submitted by irbis
Mozilla & Gecko clones Firefox 3.0, released not too long ago, was generally well-received. It added a load of new features, while also providing much-needed speed improvements and better memory management. Some new features, however, have met more resistance - one of them is the rather complicated user interface thrown at users when they reach a website with an invalid or expired SSL certificate.
Thread beginning with comment 328512
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Cert Authority System's Fault
by VistaUser on Fri 29th Aug 2008 14:42 UTC in reply to "Cert Authority System's Fault"
VistaUser
Member since:
2008-03-08

Luckily for you, you CAN afford a certificate from a verified CA. startcom offers free SSL certificates via http://www.startssl.com/ and it is recognised by Firefox.

Unfortunately, not many people know about this.

(Hopefully, CAcert will be recognised soon too, but that may not be soon enough for most people.)

EDIT: Unfortunately, startcom is not recognised as a valid SSL authority by other browser vendors (Microsoft IE, maybe Opera and Apple too), so it may not be a good fit.

Edited 2008-08-29 14:55 UTC

Reply Parent Score: 4

braddock Member since:
2005-07-08

Wow, the price is right ($0) at www.startssl.com - thanks, I'll probably register.

CAcert sounds like the right community-based idea, but they are actually recommending people use a few words of l33t sp34k for their pass phrases!? I don't think I would be shipping their cert quite yet either...

Reply Parent Score: 1

CrLf Member since:
2006-01-03

That doesn't solve the problem for internal domains (the only solution is to create an internal CA and add its root certificate to the browser), not does it solve the problem for embedded web administration in a variety of devices (many of which don't even allow the certificate to be changed).

Reply Parent Score: 2