> > Could be a problem to assume this, as self-signed certificates does not > > require a CA - that'll pick some bucks from you to sign your > > certificates - and it's sure self-signed certificates will be hanging > > around for a while, because they're cheaper than CA signed ones. > > Absolutely -- I use pop3s (and a self-signed ssl cert) for my employees' > email, and I'm sure not going to tithe anually to Verisign or whoever > merely to avoid a one-time warning dialog for my dozen users. I'm sure > lots of other small companies feel the same way. I use http://www.cacert.org/ certificates, and while they have the same problems at the moment with a one time warning dialog eventually they may get included with the browsers etc. I use them for https, smtps, imaps and pop3s. P
