Recon account
Don Quixote de la Mancha
quixote at dulcineatech.com
Sun Nov 6 00:59:14 EDT 2011
On Sat, Nov 5, 2011 at 7:01 PM, Liz <edodd at billiau.net> wrote:
>
> This actually translates into:
> The owner(s) of this site have not paid an extortionate fee to be
> accepted into a commercial keyring and certificate authority.
>
> What it means is:
> This is the Gnucash site
> You may accept the "risk" and save the certificate for the future.
It's not hard for anyone at all to issue themselves a Certificate
Authority certificate, then to sign SSL certificates with that.
While the connection would still be untrusted, your certificate would
not be self-signed.
Anyone who wanted to trust your site could add your certificate
authority cert to their browser's list of them, or to their Keyring if
they are on Mac OS X.
I did just that for the secure part of my company's website. I don't
expect anyone but my colleagues to ever visit those pages, so I don't
need to have my certificate authority cert built-in to all the major
browsers.
I can see all kinds of ways that the Open Source community would
benefit from some reasonable well-known and trustworthy organization -
the Free Software Foundation, say - handing out SSL certificates for
free to anyone who wanted one, or at least to anyone operating a Free
or Open Source software website.
--
Don Quixote de la Mancha
Dulcinea Technologies Corporation
Software of Elegance and Beauty
http://www.dulcineatech.com
quixote at dulcineatech.com
More information about the gnucash-user
mailing list