[ale] https

Dow Hurst dhurst at kennesaw.edu
Thu Feb 14 18:16:56 EST 2002


An important issue with ecommerce and public sites is that a customer or
person who doesn't know you is accessing your site.  Their browser, IE
or Netscape, will have the public keys builtin for Versign or Thawte
certificates.  If you have a self signed certificate presented to the
browser, it will not have the public key available to verify it
internally.  This makes the browser warn the user with a dialog stating
the certificate is possibly bogus but definitely signed by a unknown
authority.  This is a dialog most companies selling products cannot
tolerate.  I need to look at OpenCA but I still would think that IE and
Netscape would need to have your public key available in their files
before the certificate is presented for the type of user experience that
most companies want their customers to have.
Am I all wet here?  I think this is the bottom line for paying the bucks
for the Versign CA.  Thanks,
Dow

"D. Alan Stewart" wrote:
> 
> I need to get a handle on https. I've already secured the private portion of my
> club's web site with the htaccess method. As I understand https will encrypt
> data being transferred between client and server, making it difficult to
> intercept passwords. However, I guess if the rest of the private pages are not
> https, someome could still intercept private information, so maybe all the
> private content should be accessed through https.
> 
> How do you enable https? I understand that you need a 'certificate', and I've
> heard free ones can be had. How do you get one and how do you use it to
> enable https? Does it require the cooperation of my ISP? He is running
> apache.
> 
> Any help is greatly appreciated.
> 
> D. Alan Stewart
> Layton Graphics, Inc.
> 155 Woolco Dr.
> Marietta, GA 30062
> Voice: 770/973-4312
> Fax: 800/367-8192
> FTP: ftp.layton-graphics.com
> WWW: www.layton-graphics.com
> 
> "As far as the laws of mathematics refer to reality, they
> are not certain; and as far as they are certain, they do
> not refer to reality." - Albert Einstein
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> sent to listmaster at ale dot org.

-- 
__________________________________________________________
Dow Hurst                   Office: 770-499-3428
Systems Support Specialist  Fax:    770-423-6744
1000 Chastain Rd.
Chemistry Department SC428  Email:dhurst at kennesaw.edu
Kennesaw State University         Dow.Hurst at mindspring.com
Kennesaw, GA 30144
*********************************
*Computational Chemistry is fun!*
*********************************

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list