[NTLUG:Discuss] SSL and Patents

m m llliiilll at hotmail.com
Thu Apr 3 12:22:37 CST 2003 







>From: Greg Edwards <greg at nas-inet.com>
>Reply-To: NTLUG Discussion List <discuss at ntlug.org>
>To: NTLUG Discussion List <discuss at ntlug.org>
>Subject: Re: [NTLUG:Discuss] SSL and Patents
>Date: Thu, 03 Apr 2003 11:19:57 -0600
>
>Neil Aggarwal wrote:
>>Greg:
>>
>>SSL certs are not that expensive anymore.
>>We sell them for $139.00 per year.
>>
>>Thanks,
>>	Neil.
>>
>>--
>>Neil Aggarwal
>>JAMM Consulting, Inc.    (972) 612-6056, http://www.JAMMConsulting.com
>>Custom Internet Development    Websites, Ecommerce, Java, databases
>
>So I have discovered in the last 24 hours.  I've been doing more research 
>and < $200 certs are common now.  At that price my meagre budget can manage 
>it.
>
>I know this is off topic but I thought others in the group may be 
>interested in some of this.  If I'm pushing this discussion beyond the 
>list's interest just say so and I'll take it off list.
>
Here is my expeerience based on M$ iis  :(  and verisign:

>Questions:
>
>1. A cert, for say www.nas-inet.com, is valid for all URLs that extend to 
>paths off that FQDN?
>
>For example:
>
>   https://www.nas-inet.com/secure/login/site1
>   https://www.nas-inet.com/secure/payment/site2

yes.

>
>2. As I understand it you cannot certify a domain i.e. nas-inet.com, 
>instead you have to certify a site i.e. www.nas-inet.com?

Right. the verisign's certifiate issued in this way.

since you can issue the certificate by yourself, why don't you try it?


>
>3. Is the URL of primary use in validation or the reverse from the IP? If 
>you have several URLs based on the same IP (virtual hosting) what is used 
>as the common name in the cert?
the certificate is based on the site name, not on IP, so you need to have 
each certificate for each site.
>
>4. Is it of value to have a logo from a certification authority appear on a 
>secure web page?  Does this really help consumer confidence?  My own 
>opinion, when I'm on a site is that it doesn't alter my decision either 
>way.  As long as my browser is happy with the cert I don't think about the 
>security any further.
to me. no different (because I know how it works). but I think this question 
is belong to the people don't know https://... and http://...
you may want to ask people that have no ideas on how ssl works. this will 
give you more accurate feedback.

>
>--
>Greg Edwards
>New Age Software, Inc. - http://www.nas-inet.com
>======================================================
>Galactic Outlaw        - http://goutlaw.nas-inet.com
>   The ultimate cyberspace adventure!
>
>
>_______________________________________________
>https://ntlug.org/mailman/listinfo/discuss


_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail

More information about the Discuss mailing list