Can I trust GeoTrust?

#1 (**permalink**) 12-02-2006, 03:18 AM

Hi,

We are contemplating getting an SSL cert from Geotrust --
http://geotrust.com/products/ssl_cer.../quick_ssl.asp. But when
I look at IE 6's trusted certificate authority and intermediate
authority list, I don't see anything that says "GeoTrust". Are they
known by another name or am I looking in the right place (Tools ->
Internet Options -> Content -> Certificates -> Trusted/Intermediate
Cert Authorities)?

Thanks for any guidance you can provide, - Dave

#2 (**permalink**) 12-02-2006, 04:41 AM

laredotornado@zipmail.com writes:
>We are contemplating getting an SSL cert from Geotrust --
>http://geotrust.com/products/ssl_cer.../quick_ssl.asp. But when
>I look at IE 6's trusted certificate authority and intermediate
>authority list, I don't see anything that says "GeoTrust". Are they
>known by another name or am I looking in the right place (Tools ->
>Internet Options -> Content -> Certificates -> Trusted/Intermediate
>Cert Authorities)?

Yes, Geotrust is AKA Equifax.

They should have browser support back to IE 5.01, Netscape 4.51 and
Opera 7, and all versions of Safari and Firefox or higher in all of them.

I'd hate to think anybody running anything earlier than that, and
actually expecting anything to work on the Net nowadays.

#3 (**permalink**) 12-02-2006, 12:34 PM

laredotornado@zipmail.com wrote:
> Hi,
>
> We are contemplating getting an SSL cert from Geotrust --
> http://geotrust.com/products/ssl_cer.../quick_ssl.asp. But when
> I look at IE 6's trusted certificate authority and intermediate
> authority list, I don't see anything that says "GeoTrust". Are they
> known by another name or am I looking in the right place (Tools ->
> Internet Options -> Content -> Certificates -> Trusted/Intermediate
> Cert Authorities)?
>
> Thanks for any guidance you can provide, - Dave
>
Just a little note I got from a friend, if you are looking for another
certification agency, avoid cacert as well, they want you to store your
private keys on their servers. bad deal. they don't need them! and they
can assume your identity then.

#4 (**permalink**) 12-04-2006, 07:39 AM

Sebastian Gottschalk wrote:

> And they've been aqquired by VeriSlime. But even before, they were
> scumbags, even being proud of demonstrating how they circumvented their
> very own policies.

never heard of them, what do you mean by that?
sounds scary.

#5 (**permalink**) 12-11-2006, 10:26 AM

In article <457180c9$1@wish-server>, MC <nospam@removeme.wolfbeast.com> wrote:
>Just a little note I got from a friend, if you are looking for another
>certification agency, avoid cacert as well, they want you to store your
>private keys on their servers. bad deal. they don't need them! and they
>can assume your identity then.

I'm curious where you came up with the idea that CAcert requires your
private key. Do you have a URL or two at cacert.org where there is a
form that requests, never mind requires, a private key certificate?

--
Gregory Pratt gp@panix.com
East Rutherford, NJ, USA http://www.panix.com/~gp/
"The only good spammer is a dead spammer."
PGP Key Fingerprint: DC60 FCDE 91E2 3D41 91A3 45DB B474 3D3A 3621 AAFE