>
> Of course the CA has to gain the trust of the users... There are many
> uses for client-based certificates: code signing, user verification,
> email encryption, automatic mapping of user account to personal
> certificates, blah blah blah. The business model of commercial CA's
> is most certainly not limited to server operators only. While
> personal certificate stores come with pre-trusted root certificates
> from many CA's to automatically trust many server-based functions,
> there is a vast market for client certs.
>
Yes, and how many average users do you know of who know this?
I know quite a number of average users and know of absolutely 0 who
would be aware of this.
>
> Of course the CA has to gain the trust of the users... There are many
> uses for client-based certificates: code signing, user verification,
> email encryption, automatic mapping of user account to personal
> certificates, blah blah blah. The business model of commercial CA's
> is most certainly not limited to server operators only. While
> personal certificate stores come with pre-trusted root certificates
> from many CA's to automatically trust many server-based functions,
> there is a vast market for client certs.
>
Yes, and how many average users do you know of who know this?
I know quite a number of average users and know of absolutely 0 who
would be aware of this.
-Barry
[ reply ]