in reply to Re: Re: Secure Perlmonks
in thread Secure Perlmonks

Yes, you can self-sign your own certificates and that will do well enough for encryption, but most browsers will not accept it for authentication. That means users will get confusing errors popping up every time the go to log on until they configure their browser to trust the certificate. That kind of stuff scares away users.

Replies are listed 'Best First'.
Re: Re^3: Secure Perlmonks
by allolex (Curate) on Jul 10, 2003 at 01:13 UTC

    Agreed, but we're talking about Perl Monks, right? :) In this hypothetical case (I don't really think encryption is a good idea), we do have some means of instructing people how to install the certificate.


Re: Re^3: Secure Perlmonks
by hatter (Pilgrim) on Jul 18, 2003 at 10:09 UTC
    It doesn't have to be mandatory, there could be an extra link 'Log in via SSL' and mention on that page that the cert is self-signed and thus may cause browsers to whinge.

    the hatter