[thelist] Homegrown SSL
Liam Delahunty
liam at megaproducts.co.uk
Wed Mar 24 03:31:05 CST 2004
on 24/03/2004 08:41 david.landy wrote:
> Rob,
>
> "Home grown SSL cert"? Sounds v intruiging! I've often wondered how I could
> save myself forking out hundreds of £££ just for the privilege of having a
> secure site. Any clues how to do this?
>
> David
A search with homegrown SSL led to the links below.
to create your own CA:
http://www.pseudonym.org/ssl/ssl_cook.html
Just to generate the cert on a server:
http://www.pseudonym.org/ssl/ssl_server_certs.html#request
http://www.tiad.buffalo.edu/CertRequest.html
Apache-SSL,
http://www.verisign.com/support/tlc/csr/ssleay/v01.html
apache mod_ssl
http://www.verisign.com/support/tlc/csr/modssl/v00.html
These are self signed certificates, for an example visit the site
https://www.onlinesales.co.uk/ and you'll probably get a pop-up from
your browser telling you the certificate is okay but you haven't chosen
to trust the CA. That's why we pay for thawte etc certs as they are
already trusted by most browsers. I've not used them but a cheaper
alternative is geotrust.
Can you do anything about your 13 line disclaimer / signature? At least
put it after two dashes, a space and a newline"-- " so that decent email
clients can either strip it off or (as in Thunderbird) fade it, I also
believe that the digest readers will have it removed automatically (when
I ran a little list it did it automatically)
From: http://www.newsreaders.com/gnksa/gnksa.txt
<quote>
15) Separate signatures correctly, and don't use excessive ones
Posting software SHOULD separate any signature appended to outgoing
articles from the main text with a line containing only `-- ' ("dash
dash space"). To quote son-of-rfc1036:
<<If a poster or posting agent does append a signature to an
article, the signature SHOULD be preceded with a delimiter
line containing (only) two hyphens (ASCII 45) followed by
one blank (ASCII 32). Posting agents SHOULD limit the
length of signatures, since verbose excess bordering on
abuse is common if no restraint is imposed; 4 lines is a
common limit.>>
Hence, posting software SHOULD prevent the user from using excessively
long signatures, or at least warn the user against it. A widely
accepted standard is the so-called McQuary limit: up to 4 lines, each up
to a maximum of 80 characters.
Rationale: Being confronted with (possibly excessively long) signatures
repetitively is, or can be, annoying to many. Being able to separate
the main text and the signature clearly is important, not only to
prevent the possible mistake of misinterpreting a signature, but also to
enable automatic signature suppression for those who wish to do so.
</quote>
--
Kind regards, Liam Delahunty, Mega Products Ltd
12 Bury Place, London WC1A 2JL Fax: +44(0)871 224 7891
http://www.megaproducts.co.uk/ Internet Design & Development
More information about the thelist
mailing list