Re: SPDY = HTTP/2.0 or not ?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 3/26/12 1:41 PM, Ross Nicoll wrote:
> 
> On 26/03/2012 10:22, "Adrien W. de Croy" <adrien@qbik.com> wrote:
> 
>> 
>> ------ Original Message ------ From: "Peter Saint-Andre"
>> <stpeter@stpeter.im> To: "Adrien W. de Croy" <adrien@qbik.com> 
>> Cc: "Mike Belshe" <mike@belshe.com>;"Roy T. Fielding" 
>> <fielding@gbiv.com>;"patrick mcmanus" 
>> <pmcmanus@mozilla.com>;"ietf-http-wg@w3.org"
>> <ietf-http-wg@w3.org> Sent: 26/03/2012 10:03:30 p.m. Subject: Re:
>> SPDY = HTTP/2.0 or not ?
>> 
>>> Could we cut the FUD about needing to pay for certs? There are
>>> indeed providers of free certificates (I won't mention names
>>> for fear of being tarred with a marketing brush).
>>> 
>> 
>> providers of free certs who
>> 
>> a) verify the identity of the entity they issue the certificate
>> to b) have a root cert that's sufficiently well deployed and
>> trusted to be usable
>> 
>> ?  I'd be keen to know more.
>> 
>> if not a (which is incompatible with free) then is it really
>> security?
> 
> I've used StartSSL ( http://www.startssl.com/?app=1 ) as a "better
> than nothing" option for budget-less projects, before. Their
> certificates seem fairly widely deployed (we certainly never had an
> issue with it).

As I said, check the cert at https://stpeter.im/ ;-)



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk9wVikACgkQNL8k5A2w/vzXDACgtCi2ydYCJC04p59DlhGA+M9j
RUoAoKXnQzcKMiyyYhdyHvTiI3qKt6Bw
=DJN7
-----END PGP SIGNATURE-----

Received on Monday, 26 March 2012 11:43:06 UTC