Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Safe to use Personal ID SSLs?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Safe to use Personal ID SSLs?

century1stopcentury1stop Member
in General

As the title goes, what do you think? any experience? I for one am quite reserved over the fact personal information will be exposed over internet.

Comments

  • CasterCaster Member

    Not everything.
    its more or less like OpenID .
    You never used wosign/startssl ?

  • century1stopcentury1stop Member

    @RockBeltHOST wosign yes, startssl no. but from information I got, name plus other details will be listed in the certificate. rather risky, don't you think?

  • CasterCaster Member

    @century1stop said:
    RockBeltHOST wosign yes, startssl no. but from information I got, name plus other details will be listed in the certificate. rather risky, don't you think?

    as far i know name and email id only and maybe dob too

  • century1stopcentury1stop Member

    @RockBeltHOST I've checked Startssl and domeny, it's name plus other stuff, not sure what (not clarified). from my point better safe than sorry, scammers nowadays are very progressive.......

  • CFarenceCFarence Member

    @RockBeltHOST said:

    @century1stop

    I use startssl have class 2 with them. The certificate lists my first and last name, city and state. But that is all normal certificate stuff, since I don't have a company address it lists my city and state. Startssl has my date of birth and full address nothing too sensitive. I have 7 or 8 wildcard certificates with them.

    Thanked by 1century1stop
  • century1stopcentury1stop Member

    is it or is it not possible for someone over the internet to use such details in forged documentation?

    @CFarence said:
    I use startssl have class 2 with them. The certificate lists my first and last name, city and state. But that is all normal certificate stuff, since I don't have a company address it lists my city and state. Startssl has my date of birth and full address nothing too sensitive. I have 7 or 8 wildcard certificates with them.

  • CFarenceCFarence Member

    @century1stop said:
    is it or is it not possible for someone over the internet to use such details in forged documentation?

    Maybe, but if you really wanted my name there are many places you can find it.

  • century1stopcentury1stop Member

    quite true, but I'm rather reserved with the idea of providing id / passport / driving license to any party unless really necessary plus since such information may be seen/used by thousands, no single party can be held responsible

    @CFarence said:
    Maybe, but if you really wanted my name there are many places you can find it.

  • CFarenceCFarence Member

    @century1stop said:
    quite true, but I'm rather reserved with the idea of providing id / passport / driving license to any party unless really necessary plus since such information may be seen/used by thousands, no single party can be held responsible

    I see what your saying, I've seen many things said about startssl for instance. For me I'm not too concerned about it. Startcom, they are their own trusted root, their root certificate is in every major OS by default. If they are leaking/stealing peoples info their root would be revoked out of windows, linux, mac and other distributions.

    I would be concerned with giving a lot of details to a random CA that's signed by anther CA or something.

    That's just my take on that, I'm sure there is people that would disagree.

  • century1stopcentury1stop Member

    I'll be one that disagree :)
    thanks for your opinion

    @CFarence said:
    That's just my take on that, I'm sure there is people that would disagree.

Sign In or Register to comment.