Encryption Certificates

Lists: spi-general
From: CACook(at)quantum-sci(dot)com
To: spi-general(at)lists(dot)spi-inc(dot)org
Subject: Encryption Certificates
Date: 2012-11-19 00:54:43
Message-ID: 201211181654.43942.CACook@quantum-sci.com
Views: Raw Message | Whole Thread | Download mbox
Lists: spi-general


Does SPI issue certificates to regular guys?

If so, are they accepted by Microsoft products without all kinds of scary messages?

And if scary messages, can anyone recommend a certifying authority that does not generate scary messages?


From: Jeremy Baron <jeremy(at)tuxmachine(dot)com>
To: CACook(at)quantum-sci(dot)com
Cc: spi-general(at)lists(dot)spi-inc(dot)org
Subject: Re: Encryption Certificates
Date: 2012-11-19 01:36:48
Message-ID: CAE-2OCZEOomG8r0z8LW1U--WmcV4Jt+sOjrGedw4wGQOBzfWVw@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox
Lists: spi-general

Hi,

On Sun, Nov 18, 2012 at 7:54 PM, <CACook(at)quantum-sci(dot)com> wrote:
> Does SPI issue certificates to regular guys?

I'm not sure what you mean by "regular guy". SPI at least does not
issue certs to people who are not associated with SPI or any of it's
associated projects. (AIUI)

> If so, are they accepted by Microsoft products without all kinds of scary
> messages?

AIUI, SPI is in some linux distro's certificate stores at the OS level
(at least Debian && Ubuntu) but not in any stores shipped by browser
upstreams nor any stores at the OS level on non-free operating
systems.

> And if scary messages, can anyone recommend a certifying authority that does
> not generate scary messages?

I think it's probably out of scope for SPI to make such recommendations.

-Jeremy


From: Jimmy Kaplowitz <jimmy(at)spi-inc(dot)org>
To: Jeremy Baron <jeremy(at)tuxmachine(dot)com>
Cc: spi-general(at)lists(dot)spi-inc(dot)org
Subject: Re: Encryption Certificates
Date: 2012-11-19 02:26:12
Message-ID: 20121119022612.GF4278@kaplowitz.org
Views: Raw Message | Whole Thread | Download mbox
Lists: spi-general

On Sun, Nov 18, 2012 at 08:36:48PM -0500, Jeremy Baron wrote:
> > And if scary messages, can anyone recommend a certifying authority that does
> > not generate scary messages?
>
> I think it's probably out of scope for SPI to make such recommendations.

Agreed, in terms of SPI as an organization.

In terms of individuals who happen to be reading this list, though - one
recommendation for a zero-cost certificate that won't typically generate scary
messages is the free option at StartSSL: https://www.startssl.com/

- Jimmy Kaplowitz
jimmy(at)spi-inc(dot)org, but not speaking here on behalf of SPI