** Reply to message from "Stephen J. Wilcox" <steve@telecomplete.co.uk> on Fri, 9 Jan 2004 13:20:18 +0000 (GMT)
The consolidation of network power in a single company creates its own threat to the critical infrastructure when a single certificate expires instead of being randomly distributed among several different organizations.
I'm not sure whats involved in getting your own root certs added to browser/OS distributions but theres nothing afaik that says Verisign is the sole company providing this, presumably anyone else can agree with MS/whoever to have their root certs added.. ?
I'm looking at the Certificate Authorities in my copy of Mozilla 1.5. I don't think I've added any, but these are the ones that are there: ABA.ECOM, Inc AOL Time Warner Inc. AddTrust AB America Online Inc. Baltimore Digital Signature Trust Co. Entrust.net Equifax Equifax Secure Equifax Secure Inc. GTE Corporation GeoTrust Inc. GlobalSign nv-sa RSA Data Security, Inc. RSA Security Inc TC TrustCenter for Security in Data Networking Thawte Thawte Consulting Thawte Consulting cc The USERTRUST Network VISA ValiCert, Inc. VeriSign, Inc. beTrusted And in IE 6.0 there seem to be about an equal number, many of them the same. So there appear to be alternatives to VeriSign (why is it that most of these companies have two capitals in their names?). I do remember seeing someone elsewhere complaining that he'd been trying to get his root cert added to Mozilla for two years now, so it may not be all that simple. -- Jeff Shultz Loose nut behind the wheel.