The Cellar - View Single Post

Undertoad · 04-15-2004, 07:44 AM

You can accept a non-certified certificate OK, it's not a security risk. All it means is that they generated their own certificate instead of getting one from Verisign or another secure cert vendor. The connection is secure between you and them, but the bottom line is that nobody has verified that they are who they say they are.

I have a delay in one of my projects because the guy didn't have current documentation to prove that his "doing business as" was valid. He said he was "XYZ, Ltd." but without the document from the state that said he was d.b.a. XYZ Ltd, they wouldn't issue the cert.

04-15-2004, 07:44 AM	#4
Undertoad Radical Centrist Join Date: Jan 2001 Location: Cottage of Prussia Posts: 31,423	You can accept a non-certified certificate OK, it's not a security risk. All it means is that they generated their own certificate instead of getting one from Verisign or another secure cert vendor. The connection is secure between you and them, but the bottom line is that nobody has verified that they are who they say they are. I have a delay in one of my projects because the guy didn't have current documentation to prove that his "doing business as" was valid. He said he was "XYZ, Ltd." but without the document from the state that said he was d.b.a. XYZ Ltd, they wouldn't issue the cert.