Rangboom Certificate bugs me

calendar Posted on January 7, 2007   comments 3 Comments

How much attention do you (should you?) pay attention to certificates when visiting secure sites? If your browser squawks, do you care or do you stop?

I recently stumbled over Rangboom which seems to be an alternative or competitor to Hamachi (whom I’ve written about many times). Their tag line is “Ad-hoc Virtual Networks” and a glance at the front page looked interesting. And free, I like free.

Rangboom cert warningTonight I decided to take it for a spin and see how it compares to Hamachi. Upon clicking the “Sign Up” link, however, I get a certificate warning (from FF2, IE7 and Opera9). It seems their certificate is self-issued. Traditionally, that’s where I stop and move on to something else.

Now, I realize a self-issued cert is not the end of the world, but it definitely gives me pause. I’m about to (presumably, I haven’t seen the next screen yet) enter some personal info and a password. Wouldn’t I rather see a real certificate on the SSL connection? Is this just because they’re new or young? An oversight? A hesitancy to pony up the big bucks for a cert (and they ain’t all that cheap!)?

Or does it really matter…

What’s your take? What do you do when the browser hollers about certs?

tags Tags: , , ,

Related Posts Possibly Related Posts

Comments

3 Responses to “Rangboom Certificate bugs me”

  1. fs on January 10th, 2007 3:06 am

    If my browser yelps, I take a peek at it, but I really don’t get alarmed. The only real difference in certs you see out there is price and realistically the probable gain from any sort of scam will more than cover the hundred dollars needed to buy a name cert like Thawte. The average user (the one who really could benefit from certs) is going to see these types of alerts so often they will just click through.

  2. Skip Tavakkolian on January 10th, 2007 1:00 pm

    Frankly, I was a bit surprised at our sudden notoriety due to a mention in a Slashdot discussion. We have not made a general announcement about our service and would certainly have had a conventional certificate — rather than the self vouching one — before such an announcement. We know trust is an important element of our service. Our certificate now can be verified by browsers to a trusted CA.

    Thanks,
    -Skip

  3. Chris on January 10th, 2007 1:14 pm

    Skip - that’s great to hear.

    And ‘grats on the noteriety. :-)

Leave a Reply




Have you read the Comments section on the Disclaimer page?

About

Wandering the Internet, looking at all things bright and shiny. Playing with many, writing about some. More …

Recent Posts

Recent Comments: