Toxik - Fabian Rodriguez writes:
> Day 4 (PM): Certificate is delivered in *clear text* via email to tech
> contact
>
> The only concern is that the cert is not delivered via a web site /SSL, of
> course it's pass-phrase protected but this is a noticeable difference with
> Thawte, where everything happens via an SSL/password-secured site (including
> status).
The cert part is available clear text from your webserver simply by asking
it for the security properties. This is not the part you want to secure. The
private key should have stayed with you when you submitted the CSR. It's the
combination of the private key (which you always keep secure) and the cert
that makes the site secured and authenticated. There is no reason to
transmit the cert SSL or otherwise encrypted.
Otherwise, I'm happy to hear you've had a good experience. I have had the
ability to resell the certs for some time now but haven't dared for fear of
losing customers. I hope to hear more good stories about Entrust to build
confidence.
-Eric P.
-- arctic bears - email and name services 25 email addresses@yourdomain CA$11.95/month DNS starting at CA$3.49/month - domains from CA$25.95/year for details contact info@arcticbears.com or visit http://www.arcticbears.com
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:37:13 EDT