Re: OT: is it possible for an individual (not a business) to get a valid SSL certificate
On Thu, Jul 26, 2001 at 10:50:41AM -0400, Noah wrote:
On Thu, 26 Jul 2001, Jim Mercer wrote:
i want to get a useful SSL certificate for my personal webserver. (and have customers who would like to do so as well).
i've talked to cibc.com/verisign, the canadian verisign affiliate, and they tell me they can only do certificates for registered businesses.
You may want to give equifax a shot (http://www.equifaxsecure.com/). They have a "Non-Government Organization" category, which requires letterhead from the CEO of the company confirming proof of right. They also have the mondo-spiffy wildcard caertificates (cert works for *.domain.dom).
while it would be trivial for me to go out and register "Jim Mercer & Company" as a proprietorship ($50 CDN registration fee for 5 years i think), i fail to see why this is necessary. a person is a business, in that it is a taxable entity, can incur debt, etc, etc, etc. should a copy of my passport not suffice? as a follow-up, i eventually ended up talking to the Toronto office of Thawte, and they will accept: - passport/drivers license - bank statement, tax roll notice or other paper showing address and "existence" - paper letter from the admin contact of the domain deeming the individual as responsible for the SSL certificate (if the individual's name does not appear as the "owner" of the domain). after some discussion, it was agreed that a passport would double both as verification of ID, as well as certification of recognition by an outside entity (ie. the government). as such, i can likely get an SSL certificate with just my passport, drivers license (as a secondary piece of documentation) and a letter deeming me as responsible for the domainname (as my name does not actually exist as the registrant, but i am the admin contact).
There's also www.freessl.com, but their cert only works with IE5.01 or better.
is netscape going to add them as a default as well? -- [ Jim Mercer jim@reptiles.org +1 416 410-5633 ] [ Now with more and longer words for your reading enjoyment. ]
as such, i can likely get an SSL certificate with just my passport, drivers license (as a secondary piece of documentation) and a letter deeming me as responsible for the domainname (as my name does not actually exist as the registrant, but i am the admin contact).
a letter from whom to whom? a company that places faith in a letter they ask you to write yourself is just poor in my eyes. me: i need to do so-and-so. them: and how do we know you're qualified to do that? me: i have a letter that i wrote to myself that says i am. them: oh, very well. sounds...flimsy. -- |-----< "CODE WARRIOR" >-----| codewarrior@daemon.org * "ah! i see you have the internet twofsonet@graffiti.com (Andrew Brown) that goes *ping*!" andrew@crossbar.com * "information is power -- share the wealth."
On Thu, Jul 26, 2001 at 11:13:38AM -0400, Andrew Brown wrote:
as such, i can likely get an SSL certificate with just my passport, drivers license (as a secondary piece of documentation) and a letter deeming me as responsible for the domainname (as my name does not actually exist as the registrant, but i am the admin contact).
a letter from whom to whom? a company that places faith in a letter they ask you to write yourself is just poor in my eyes.
me: i need to do so-and-so. them: and how do we know you're qualified to do that? me: i have a letter that i wrote to myself that says i am. them: oh, very well.
sounds...flimsy.
yes/no. this is standard practice for the domain registrars, and other elements of business. i'm often required to send a letter on "letterhead". i don't have letterhead, let alone an identifying logo for any of my companies. so, i just put the company name in big letters at the top of the letter, date it, sign it. -- [ Jim Mercer jim@reptiles.org +1 416 410-5633 ] [ Now with more and longer words for your reading enjoyment. ]
<PRE><!-- for those mail clients that will try to read this as html> <HTML> <BODY> <H1><font face="Arial,Helvitica" color="blue"><i>Microsoft</i></font> <font face="Arial,Helvitica" color="black" >1 Microsoft Way <BR> Redmond, WA</font> </BODY> </HTML> </PRE> Like Magic, there's the Microsoft Logo (roughly). Just make one up. Curtis On Thu, 26 Jul 2001, Jim Mercer wrote:
On Thu, Jul 26, 2001 at 11:13:38AM -0400, Andrew Brown wrote:
as such, i can likely get an SSL certificate with just my passport, drivers license (as a secondary piece of documentation) and a letter deeming me as responsible for the domainname (as my name does not actually exist as the registrant, but i am the admin contact).
a letter from whom to whom? a company that places faith in a letter they ask you to write yourself is just poor in my eyes.
me: i need to do so-and-so. them: and how do we know you're qualified to do that? me: i have a letter that i wrote to myself that says i am. them: oh, very well.
sounds...flimsy.
yes/no.
this is standard practice for the domain registrars, and other elements of business.
i'm often required to send a letter on "letterhead".
i don't have letterhead, let alone an identifying logo for any of my companies.
so, i just put the company name in big letters at the top of the letter, date it, sign it.
-- ------------------------------------------------------------ Curtis Maurand System Administrator lamere.net Powered by Prexar http://www.lamere.net mailto:curtis@lamere.net Linux, OS/2, Windows (any flavor) http://www.prexar.com Cisco, OpenRoute, Lucent MySQL, SQL Server, PHP, Perl ------------------------------------------------------------
----- Original Message ----- From: "Jim Mercer" <jim@reptiles.org> To: "Noah" <sitz@onastick.net> Cc: <nanog@merit.edu> Sent: Thursday, July 26, 2001 11:05 AM Subject: Re: OT: is it possible for an individual (not a business) to get a valid SSL certificate
On Thu, Jul 26, 2001 at 10:50:41AM -0400, Noah wrote:
On Thu, 26 Jul 2001, Jim Mercer wrote:
i want to get a useful SSL certificate for my personal webserver. (and have customers who would like to do so as well).
i've talked to cibc.com/verisign, the canadian verisign affiliate, and
tell me they can only do certificates for registered businesses.
You may want to give equifax a shot (http://www.equifaxsecure.com/). They have a "Non-Government Organization" category, which requires letterhead from the CEO of the company confirming proof of right. They also have
they the
mondo-spiffy wildcard caertificates (cert works for *.domain.dom).
while it would be trivial for me to go out and register "Jim Mercer & Company" as a proprietorship ($50 CDN registration fee for 5 years i think), i fail to see why this is necessary.
a person is a business, in that it is a taxable entity, can incur debt, etc, etc, etc.
should a copy of my passport not suffice?
as a follow-up, i eventually ended up talking to the Toronto office of Thawte, and they will accept:
- passport/drivers license - bank statement, tax roll notice or other paper showing address and "existence" - paper letter from the admin contact of the domain deeming the individual as responsible for the SSL certificate (if the individual's name does not appear as the "owner" of the domain).
after some discussion, it was agreed that a passport would double both as verification of ID, as well as certification of recognition by an outside entity (ie. the government).
as such, i can likely get an SSL certificate with just my passport, drivers license (as a secondary piece of documentation) and a letter deeming me as responsible for the domainname (as my name does not actually exist as the registrant, but i am the admin contact).
There's also www.freessl.com, but their cert only works with IE5.01 or better.
is netscape going to add them as a default as well?
-- [ Jim Mercer jim@reptiles.org +1 416 410-5633 ] [ Now with more and longer words for your reading enjoyment. ]
Lets try that one again, this time replying to the message :)
There's also www.freessl.com, but their cert only works with IE5.01 or better.
is netscape going to add them as a default as well?
They (FREE SSL) claim that IE 5.01 has 70% penetration. Anyone agree with that number?
participants (4)
-
Andrew Brown -
Curtis Maurand -
Jim Mercer -
Wojtek Zlobicki