Most Popular

• More Discussion About How Firefox 3 Handles SSL Certificates
• SSL Host Headers in IIS 7
• How to Create A Self Signed Certificate
• The Most Common Java Keytool Keystore Commands
• How to Create a Self Signed Certificate in IIS 7

Login:

How to choose a certificate authority

Linux Box Admin gives a brief look at which qualities to look for when choosing a certificate authority from which to buy SSL certificates. A more in-depth analysis will be available on SSL Shopper soon but this articles brings up some good points, especially about trust:

The goal of using SSL is to prove your identity (either as a server or a client). To do that, you have to trust the certificate authority, the certificate authority has to trust you (by verifying you are who you claim to be), and the client has to trust the certificate authority. If you pick a CA that your clients don't trust, you lose business.

The procedures and policies used by different CAs to verify your identity are not uniform. Sometimes, a CA will require printed letterhead with the address of your organization on it and follow up with a phone call to the contacts. Some go further and look up Dun and Bradstreet information or use online resources. One CA I worked with recently required that the domain be listed in a particular WHOIS database. These details may add to or diminish your confidence in the judgment of a CA. One that does no verification at all won't instill a lot of trust in your clients.

Make sure to also read our Certificate Authority Reviews when deciding upon a CA.

SSL: How to choose a certificate authority

Digg del.icio.us Reddit

Write a comment

Name:
Email: (not published)
Subject:
Comment:

Security Code:
 

Post Comment