[haiku-web] Re: Authentication with Drupal
- From: Oliver Tappe <zooey@xxxxxxxxxxxxxxx>
- To: haiku-web@xxxxxxxxxxxxx
- Date: Thu, 26 Nov 2009 19:13:08 +0100
On 2009-11-26 at 18:25:27 [+0100], Urias McCullough <umccullough@xxxxxxxxx>
wrote:
> On Thu, Nov 26, 2009 at 9:11 AM, Axel Dörfler <axeld@xxxxxxxxxxxxxxxx> wrote:
> > Urias McCullough <umccullough@xxxxxxxxx> wrote:
> >> If we just one a cert for the Drupal site, I vote we go with Godaddy
> >> for free, 1 year, but if we want a cert for all our services on
> >> haiku-os.org - I vote we go with StartCom.
> >
> > Besides the additional user interaction (it's only "accept
> > certificate", right?), what would be the drawback of letting Haiku be
> > the CA?
>
> But that is the drawback...
>
> It's no longer innocently displayed to an end user as "accept
> certificate" - most browsers now produce a screen which nearly
> declares the website as malware. It's not easy to know if the
> certificate being provided to the end user has been signed maliciously
> or not the first time you see it, as there's no authority that the
> browser already trusts verifying its authenticity.
Indeed.
> In any case, it's fine with me, but I think for $40/year it would be a
> lot nicer to give people the peace of mind :)
As I read http://www.startssl.com/?app=40, we'd even get *2* years for $40, or
am I missing something?
cheers,
Oliver
-----------------------------------------------------------------------
haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List
Other related posts:
