The last time I was writing this page was almost three years ago, so thought it was part time it got revamped
The web can be a dangerous place if you don't take care of your information, password especially, the prime example in recent memory was FireSheep which was able to hijack your connection to Facebook, among others. This was made possible by the fact your connection was over an encrypted channel, such as https. Non encrypted traffic can be views, man in the middle attacks, by any means not just websites. With this in mind I wanted to secure all my services web and email.
Some of the good ones will run checks and verify the person or domains identify. This can be as much as official id checking and bank accounts to sending an email with a link. Hence the cost of these certificates goes from pennies to thousands a year and your computer will trust both equally.
My original reason for creating my own authority was just that, the cost. Even paying pennies for something I was capable of my self was too much, and when I added up the number of domains I wanted to protect it was far too much. Since then costs have come down and the number of domains has reduced, but I'm still running the authority. Partly the cost is still to high when i do it myself but mostly its a case of policy.
For a certificate that does any real id checking the cost spirals and I feel a certificate signed when no checking has been done is worse than self signed, its practically the same thing - granted it'd stop you getting a cert yo Facebook but that's about all - and when you view one of my sites I want you to know I trust it.
I'm going to create guidance on how I manage it and store it for those interested. I'll also publish information on what keys I sign, and how I verify the individual when required.
Bellow are my three certificates Root, Domain and Infrastructure but in most cases you'll only need the first two. I also keep an active Certificate Revocation List for each at ssl.research.nxfifteen.me.uk
|Certificate Authority||Sub Authorities||Downlad||GPG Signature|
|HTTPS Everywhere Profile||application/xml (1.15 KB)||2013-Feb-18||2|
Find out what's happening, right now, with the people and organizations you care about.