Whatever the insurance is on, I doubt that whoever is offering the insuarnce will consider it a great liability. Anyway in doing some reading tonight I have learnt what a "chained root" certificate is. (Eg: A company who issues certificates, but does not own the root cert)
Geotrust are younger but I haven't heard anything bad from them, and they are supported in IE, which is a bonus.
With futher reading, I believe the insurance is on the possibility that the encryption is beaten, eg the CC number gets stolen and used.
Cheers,
Scott Pettit
-----Original Message----- From: Michael Hallager [mailto:michael(a)networkstuff.co.nz] Sent: Friday, 9 January 2004 11:16 p.m. To: Scott Pettit Cc: nznog(a)list.waikato.ac.nz Subject: Re: [nznog] SSL Certificates query.
Ok. thanks. I am currently using Geotrust. Are they are widely known and credible company now?
They're insuring against damages/loss of goods etc. For example someone buying something off your online store never receives the goods, they are insured against being ripped off because the SSL cert is undersigning it.
I'm not 100% sure on what's covered and what's not, but checking out the thawte or Verisign websites should lead you to their insurance policy.
Cheers,
Scott Pettit
-----Original Message----- From: Michael Hallager [mailto:michael(a)networkstuff.co.nz] Sent: Friday, 9 January 2004 11:08 p.m. To: Scott Pettit Cc: nznog(a)list.waikato.ac.nz Subject: Re: [nznog] SSL Certificates query.
thanks. what exactly are they insuring against? keep in mind that my place in the scheme of things is the e-commerce merchant.
The difference between certificates is who signs them and how much the insurance is. Verisign cost much more however the insurance is higher too. It depends on application, if you want to secure something where goods of
a
value of say $2000 or less are being traded, then pick a certificate
with
insurance just under the total amount you intend to sell. The level of insurance should be in line with what your customers expect.
I've been looking at Chained SSL personally, it's cheaper and if your application doesn't require heavy insurance/any insurance then it's great. Just make sure the cert you purchase will show in the most common
browsers,
namely IE/Mozilla without popping up notices about the certificate being signed by a known authority.
Cheers,
Scott Pettit
-----Original Message----- From: Michael Hallager [mailto:michael(a)networkstuff.co.nz] Sent: Friday, 9 January 2004 10:53 p.m. To: nznog(a)list.waikato.ac.nz Subject: [nznog] SSL Certificates query.
Are they all somewhat equal? Anyone had any experience with "Chained
SSL"
certificates?
// Michael Hallager Director || Head geek || Making IT work.
URL: http://www.networkstuff.co.nz networkStuff, NZ's leading supplier of high quality used networking equipment.
Phone: 09 837-6100 (DDI) 0800 638-788 (Freecall) Fax: 09 837-8100 0800 329-788 (Freecall) Mobile: 027 477-7624
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
-- // Michael Hallager Director || Head geek || Making IT work. URL: http://www.networkstuff.co.nz networkStuff, NZ's leading supplier of high quality used networking equipment. Phone: 09 837-6100 (DDI) 0800 638-788 (Freecall) Fax: 09 837-8100 0800 329-788 (Freecall) Mobile: 027 477-7624