[NTLUG:Discuss] Possible meeting presentation
Chris Cox
cjcox at acm.org
Wed May 12 00:40:01 CDT 2010
Hank Ivy wrote:
> On Tuesday 11 May 2010 02:03 pm Chris Cox wrote:
>> On Mon, 2010-05-10 at 22:59 -0500, Leroy Tennison wrote:
>>> I'm working on a presentation of openssl (NOT for this month's meeting)
>>> and wondering if there is sufficient interest. If so, what kinds of
>>> things should be covered:
>>>
>>> Cryptography background (kinds of keys, how it works)?
>>> What else?
>> Not sure we've ever had a dedicated presentation on OpenSSL. I think
>> it's a great idea. OpenSSL is used by SO much stuff.
>>
>> As for what to cover... not sure.... I think you could spend 5 meetings
>> if you tried to cover it all :-)
>>
>> So... IMHO, presenter's choice on what to cover...
>
> Is there a way to set up a WEB server with SSl keys so Internet explorer does
> not complain about unknown keys without paying a Certification Authority, CA,
> money for a signed key? Or how much would it cost?
>
"approved" CA's were setup a long time ago. And while it is possible that new
ones might show up, it requires at least an update to the "approved" authorities
list used by the browser (presumably via some kind of online update).
If you distribute your private homegrown CA's key out to your clients they can
add your CA as a trusted signer of keys and the error messages go away.
Now there are "levels" of approved certs... nothing really different about them
except that the signers can charge and arm and a leg for something that took
them two seconds to generate... sigh...
More information about the Discuss
mailing list