[Cryptography] OpenPGP and trust
Moritz Bartl
moritz at headstrong.de
Mon Apr 7 16:09:27 EDT 2014
On 04/06/2014 11:27 PM, Stuart Longland wrote:
> I'm not sure it's worth spending dollars on CA certificates
StartSSL issues free certs: https://startssl.com/
> and all the red tape that involves
What exactly? Configuring HTTPS isn't really not that involving.
> I provide the option for https logins, and tend to direct people to use
> clear-text only if their machine is particularly strict on self-signed
> CAs. I suppose I should provide a link to the CA certificate I'm using
> so they can load that into their browsers. I feel this is a "good
> enough" compromise in our situation.
Simply getting the thing signed by StartSSL and disabling HTTP should
solve your problem?
More information about the cryptography
mailing list