Re: Certificates -Annoyed
- From: "Andrew Faust" <aef123@xxxxxxxxxxxxxxxx>
- Date: Wed, 4 Mar 2009 13:49:37 -0700
There are cheaper alternatives to verisign such as RapidSSL. You can even get free ones by generating them yourself or using sompelace like StartCom.
It actually looks like you are mixing several different things. .Net code signing is different from a verisign SSL certificate.
You don't need to purchase a certificate from anyone to sign your code. Just generate your own key-value pair.
I agree that Verisign is overpriced. However, you aren't actually paying them for the certificate. What you're really paying them to do is to vouch for you. Depending on how much you pay, they do various levels of due diligence to ensure you are who you say you are.
A certificate you generate yourself for free is every bit as secure from an encryption standpoint.
Andrew Faust
"Miro" <miro@xxxxxxxxx> wrote in message news:#WJksf1lJHA.3876@xxxxxxxxxxxxxxxxxxxxxxx
Is it just me, or is it just easier and cheaper not purchase a certificate from someone like verisign..
Perhaps I am missing the full reason for them, but I think my simple 'new solution' is the correct train of thought.
Please let me know if I am wrong - as my solution would not verify that the software came from you.
To fork over another 500 bux or so for a 'certificate' is ridiculous.
It strikes me as odd, that code signing is still popular, and why something isn't invented that points back to your .com domain name, that can verify that the software is yours.
For example, you put a datafile on your webserver that gets hit by your installation with a secure password and login.
Only you know the password / login and location of this file.
When the installation loads, ( and in it you specify the file / login / password ) in your .com, the login would either pass or fail.
A pass means that the software is yours.
A fail, means it is not.
Seems pretty simple to me, and pretty hard for someone to fake - as you are the only owner of your .com domain.
----just me rambling...
I just seem a bit ticked off that other people are profiting off a little digital certificate that really could have been invented better so that it didnt need to be created in the first place.
Anyone know of the cheapest place to get a certificate?
Miro
- Prev by Date: Classic ASP, ASP.NET, and Session Variables
- Next by Date: Accessing PrintDocument.DefaultPageSettings properties is slow
- Previous by thread: Classic ASP, ASP.NET, and Session Variables
- Next by thread: Accessing PrintDocument.DefaultPageSettings properties is slow
- Index(es):
Relevant Pages
|
Loading
