X.509 Certs For Personal Use
morrowc.lists at gmail.com
Sat Feb 18 12:57:25 CST 2012
On Sat, Feb 18, 2012 at 10:44 AM, John Peach <john-nanog at johnpeach.com> wrote:
> On Sat, 18 Feb 2012 14:27:05 +0100
> Phil Regnauld <regnauld at nsrc.org> wrote:
>> toor (lists) writes:
>> > I use http://www.startssl.com/ for all my personal certifcates. I have
>> > not had any issues with the validations (once you have an account you
>> > can validate a domain by sending an email to a predefined list of
>> > contact addresses) and the certificates are issued instantly.
>> "Your request is being held up for review by our personnel".
>> Up to 6 hours. Must be their definition of instant :)
> It's nice to see that they actually do random reviews, rather than just
> issuing everything requested. I use startssl and have not had anything
> held for review.
I've had most of mine held, but almost always I get a response in side
of 20 mins. Really, what I care about here is:
1) cert validates in almost all clients (mozilla/chrome/mail.app)
2) controlled/secured by my key, not something made up on the server side
3) not paying money for random bytes.
it works and eddy's pretty quick on requests.
More information about the NANOG