|MHenke on Apr 16, 2007 at 12:55:19 AM (# 1)|
My (personal) opinion: Yes, it does.
I'd say that the use of HTTPS (over SSL/TLS) is appropriate wherever any kind of personal data is processed. An email address belongs to that kind of data.
It's not only a personal opinion, AFAIK thats backed up by legislation (or at least recommendations) in several countries (well, at least Germany).
Plus, it should by no problem tu utilise HTTPS nowadays.
apfwebs on Apr 18, 2007 at 11:54:20 AM (# 2)
I see, though, that Verisign costs $95 per year. I guess I will look for something rather less expensive...
BachusII on Apr 18, 2007 at 2:29:39 PM (# 3)
brian on Apr 19, 2007 at 12:49:36 AM (# 4)
$95 is not really that much but I think you can get 2 years for a little more and I'm sure I saw a company offering 10 years for like $250. I can't think where though. As for cacert - it's fine for testing and development but it's untrusted which makes it basically useless unless they can be added to the trusted list...
BachusII on Apr 19, 2007 at 8:55:23 AM (# 5)
Which they are working on right now. Mozilla is supposed to add them sometime this year I believe, and they are trying to get it in a M$ update.