«  
  »

Rangboom Certificate bugs me

How much attention do you (should you?) pay attention to certificates when visiting secure sites? If your browser squawks, do you care or do you stop?

I recently stumbled over Rangboom which seems to be an alternative or competitor to Hamachi (whom I’ve written about many times). Their tag line is “Ad-hoc Virtual Networks” and a glance at the front page looked interesting. And free, I like free.

Rangboom cert warningTonight I decided to take it for a spin and see how it compares to Hamachi. Upon clicking the “Sign Up” link, however, I get a certificate warning (from FF2, IE7 and Opera9). It seems their certificate is self-issued. Traditionally, that’s where I stop and move on to something else.

Now, I realize a self-issued cert is not the end of the world, but it definitely gives me pause. I’m about to (presumably, I haven’t seen the next screen yet) enter some personal info and a password. Wouldn’t I rather see a real certificate on the SSL connection? Is this just because they’re new or young? An oversight? A hesitancy to pony up the big bucks for a cert (and they ain’t all that cheap!)?

Or does it really matter…

What’s your take? What do you do when the browser hollers about certs?

Possibly Related posts:

  1. Hamachi in "Production"
  2. New server, Hamachi Linux
  3. Hamachi Free Version Runs as a Service
  4. Hamachi has some interesting updates
  5. Hamachi VPN as service – why?
January 7th, 2007 Tags: , , ,


3 comments to Rangboom Certificate bugs me

  • fs
    January 10th, 2007 at 3:06 am · Reply

    If my browser yelps, I take a peek at it, but I really don’t get alarmed. The only real difference in certs you see out there is price and realistically the probable gain from any sort of scam will more than cover the hundred dollars needed to buy a name cert like Thawte. The average user (the one who really could benefit from certs) is going to see these types of alerts so often they will just click through.

  • Skip Tavakkolian
    January 10th, 2007 at 1:00 pm · Reply

    Frankly, I was a bit surprised at our sudden notoriety due to a mention in a Slashdot discussion. We have not made a general announcement about our service and would certainly have had a conventional certificate — rather than the self vouching one — before such an announcement. We know trust is an important element of our service. Our certificate now can be verified by browsers to a trusted CA.

    Thanks,
    -Skip

  • Chris
    January 10th, 2007 at 1:14 pm · Reply

    Skip – that’s great to hear.

    And ‘grats on the noteriety. :-)

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>