Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Message to the EDITOR!' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Message to the EDITOR!
Authored by: lsloan on Jan 30, '03 10:25:20AM

Okay, so you're trying to say that if a reader doesn't understand a hint, they probably don't need to use that hint, right? I respectfully disagree.

There are good reasons why somebody who is basically clueless about self-signed certificates, PEM, and DER formats would want or need to add certificates to their keychain. For example, where I work, secure websites that are under development use self-signed certificates created locally. When we invite users to test these websites, we don't know which OS or web browser they will be using. Until a few people pointed out how to do this, people who used Safari couldn't test those websites.

I don't fault either the original poster of this hint or the editor for not knowing how much detail should have been given. However, I do think that the first person to respond to the hint should have remained calm and politely asked for more information.



[ Reply to This | # ]
Message to the EDITOR!
Authored by: professor on Apr 05, '03 11:38:06AM

If you are going to start adding CA Certs to you keychain, then you must have received instructions as to where to download the (PEM or DER formatted) Certificate, and you bloody well should know how to check the MD5 fingerprint of the Certificate, etc.

If you don't know what the words in the above paragraph mean (or, at least, if you have not received explicit, detailed step-by-step instructions), then you shouldn't be adding CA Certs to you keychain.

It takes only a minute or two to do a Google search to find out what all of the above means. This is not an undue burden on the reader(s) of this hint.



[ Reply to This | # ]
Message to the EDITOR!
Authored by: mikemcc on Jul 14, '03 04:29:12PM

As a developer and administrator of internal applications, I am too cheap to spring for a Verisign or Thawte certificate. I therefore assume the responsibility of establishing the trust relationship that the certificate implies.

I use a self-signed CA to sign the certs which protect many of the internal applications at my company. Working with the Windows administrators, it was relatively easy to push out the CA certificate to Windows desktops, which are now completely happy with internal SSL enabled apps.

Hopefully my soon-to-be-purchased OS X server will permit similar remote administration gains for the Mac users at my company. Until then, I will perform this certification manually, on an as-needed basis, using local admin accounts on the target hosts.

It would be a complete waste of time to explain the inner workings of public key cryptography to the information architects, designers, and production artists who use Mac OS X to access secure intranet sites at my company. The information imparted would not help them to do their primary jobs, the jargon-filled conversation would annoy them, and I would still need to perform the commands myself, just so that I could test and verify correct behavior. It will be quicker, less painful, and more professional for me to handle that issue myself.



[ Reply to This | # ]