Andrew Thompson
I found this on Google
http://www.suitable.com/docs/signing.html
There is lots of stuff on Google, of varying quality.
Those pages tend towards the 'crap'.
<http://www.suitable.com/docs/signingoverview.html#CAs>
This states "Your last option is to create test
certificates[1]. These are free (good), but won't be
recognized unless you prepare your browser
(inconvenient, and perhaps unsecure). "
[1] For 'test' read 'self-signed'
Rubbish.
The end user is presented with a dialog asking them
if they want to accept the code. If they click 'yes',
it has full privileges, End Of Story.
That same advice is echoed in the document to which
the first links.
The question is there any legal, moral reason why should not be able to
produce code signatures for own web sites?
Nobody has suggested otherwise until now.
...This makes me wonder if you really understand the nature
and purpose of these certificates. Nobody cares if you (or
I) want to produce 1000, or 10,000, self-signed certificates,
or any number of certificates verified by a CA (at phenomenal
cost).
The only issue would be if someone managed to find a way
to issue digital certificates that *claimed* to have been CA
verified, but were *not*. That would both ruin the perception
of security that the digital identities are supposed to ensure,
and be very bad for the CA from a business POV.