Re: Getting a CA signed certificate for gnome.org

[Tim Ney <ten gnome org>]

Hey Owen,

Does GNOME have a certificate now?  Thanks to Fernando Usero and Jaime
Anguiano Olarra, we are ready to implement an on-line "Friends of GNOME"
(on guadec.org & gnome.org)and GUAD3C "Sponsor a Hacker" donations (only
on guadec.org) program through PayPal.  While the actual transaction
will be made on PayPal's server, Jose recommends it would be good to
encrypt details like names and how much someone donates (some people may
want to remain anonymous.)  

tim


On Sun, 2001-09-23 at 13:55, Owen Taylor wrote:

> In default of better-informed advice, I would plan to:
> 
>  - Get a certificate from Thawte (now that they are a verisign
>    subsidiary, there is no "go with the little guy" advantage  
>    here, but they are well-accepted and relatively cheap - 
>    $100/yr + $25 initially.)
> 
>  - Get a single certificate for secure.gnome.org, which will
>    give us some flexibility if we move the secure web server
>    around.
> 
>    A wild-card certificate for *.gnome.org is possible, but
>    would be more expensive, there would be some compatibility
>    problems, and I doubt we'll want ever need to have more than 
>    2 secure servers or so in total.
> 
>  - Pay for initial certificate myself to keep things simple.
> 
> The paperwork doesn't look hard - we'd just need to fax them
> a copy of our incorporation documents, and I should be able
> to arrange the details with Tim.