The certificate itself is valid. The Certification Authority actually
is one I have created myself - so my own certification authority. What is more secure than the key's you have signed yourself ? Even a third party certification authority would not provide me that level of sdecurity.
And the most secure Certificate is actually the one you sign yourself, of course with High-Bit encryption. Check the certificate Details and the CA Details. You'll notice that the same person issued them on this site.
Main reason is I also choosed to sign my key's myself is that for some path's I require a valid client-side certificate - signed by the same CA the WebServer is signed. So - I don't really have a choice. A Verisign Certificate for 1 Server and 1 Client would cost me more than 3000 US$ ... That's defenitly too much for a Hobby.
Note that several Signing authorities have been compromised in the past to
start phishing attacks. I had the choice to buy a Cheap Certificate
Signing, or do it myself.
|
Entered by smurphy on Tuesday, 13 May 2008 @ 21:36:05
|
Cryptography stuff - PHP Phobos, # Hits: 82658
|