 |
 |
|
 |
|
 |
|
 |
| ||||||||||||||
AccountholdersThese selections are here as a convenience to those who have accounts on this server. For example, you can check your mail. This service is offered over a secure, encrypted connection. Root Certificate InstallationWhen you log in to your email account, your browser will complain that the site you are visiting is not trusted. This is because your browser does not recognize the certification authority that signed this site's server certificate. This is reasonable, because I signed the certificate, not Verisign or Thawte or some other authority whose root certificate ships with the browser you are using. These companies charge a non-trivial fee for signing server certificates, which is also reasonable, because they must perform research to determine that you are who you say you are when you apply for a certificate. For non-commercial sites, a suitable alternative is to become a mini-Certificate Authority. This is what I have done. If you want to stop the browser warnings, you can download and install my Root Certificate. But don't do this before reading the following: Why Installing This Root Certificate is Not a Good IdeaIf you do not know me personally, or do not have an account on this server, you should not install this certificate. If you install this certificate, your browser will unconditionally accept any certificate I sign. If I sign one for, say, www.yourbankhere.com, and can trick your browser into visiting MY site instead of your bank's site, your browser will blithely accept my site as really being your bank. To the extent that I can successfully impersonate your bank's website, you are at my mercy. If you do not know me personally, or do not have an account on this machine, do us both a favour and do not install this certificate. This topic was discussed a while ago on Slashdot; see this post and also the responses to it. |