I just applied for an individual digital signature certificate at
e-Mudhra CA. They have an inaugural offer price of Rs. 248 for a class 3 individual certificate with a validity of two years. The price is good! There is physical presence verification with official documentation at a registration authority (RA) of e-Mudhra, but that should be
(
Read more... )
put off by the following aspects:
- A site that demands IE 6.0 or Netscape 4 is fine if it is casual
browsing. For e-commerce sites, not so! Especially, since these
browsers are mentioned in their terms of service. This sounds too
much like "If the site borks during your transaction and you are
using Firefox then we are not to blame."
- A very Javascript oriented site. Using w3m I needed to look at the
page source just to navigate! I can't/won't voluntarily subject myself
to this when there are alternatives.
- The protocol they use for certificate delivery (we send you a
one-time web access and if you download it, you pay for it) puts
the onus of proof of non-delivery on the recipient. That is not a
proper security protocol. Since strong crypto is available as part
of the whole process they should implement a _real_ protocol.
- The info string for the site indicates that they run IIS which
more or less implies a MicroSoft based server. Disappointing, no?!
Kapil.
Reply
So you use w3m? [plug] You should also give elinks a shot :) [/plug]
The download is not one time (one is allowed to download for upto 15 days) and you can choose to have it snail-mailed with the auth token in email. I'll report on this delivery aspect again later.
Reply
Reply
Leave a comment