I found this http://www.eugridpma.org/ which looks a bit more oficial.
John
________________________________
From: Testbed Support for GridPP member institutes on behalf of Stephen Burke
Sent: Mon 10/5/2009 9:57 PM
To: [log in to unmask]
Subject: Re: email encryption
Testbed Support for GridPP member institutes
> [mailto:[log in to unmask]] On Behalf Of Henry Nebrensky said:
> Is there a list of where to find these somewhere (... and how would I
> trust it?)?
There is a list, here:
https://www.tacar.org/repos/
As to how you know to trust it ... well, for a start that site has a certificate
signed by a "real" CA, and you can read the documentation on the site about how it
works. And the host name is "well-known", at least to those people that know it :)
Alternatively you have the CA RPM that every site installs, and presumably trusts
...
> It's a bit embarrassing when dragging new users on to Grid to
> have to give
> them the 'treat your certificate with the utmost care' bit, only to
> promptly have to tell them to ignore the security warnings from the
> GGUS/CIC/SAM sites... :(
Indeed - people shouldn't be trained to ignore the warnings, especially since they
might then do the same for e.g. web sites masquerading as bank or credit card
sites. If you have to do that it's better to make a decision once that you trust
it and install the certificate, than ignore the warning every time.
Stephen
--
Scanned by iCritical.
|