Eric: Thanks for your clarification. But CAN DO is not DO. Many SSL-capable servers are not actually using SSL ( looks like a factor of 10:1). Second, the number 30,000 that I cited was for servers, not web sites, where you need to factor in the virtual servers (as I commented). That number comes from 2001 data published by Certicom and other sources (eg -- company leaflet). True, NCipher for example reports that Netcraft's SSL survey for October 2001 counted over 140,000 web sites offering SSL connections with valid server certificates. Still, when you count web sites (not just servers), don't you think that 140,000 certs/year (of which close to 20% have key lengths shorther than 640 bits) is a very very low number of customers to divide among all those companies selling servers certs? In short, IMO what is important here is that the PKI server cert market is a pin head market that does not justify all the bloated expectations around it. It simply does not size up. Cheers, Ed Gerck Eric Rescorla wrote: > Ed Gerck <egerck@nma.com> writes: > > PS: IMO the PKI market has been grossly exaggerated. There are only > > 30,000 servers worldwide that can do SSL -- which limits PKI server certs > > to that number worldwide, with a factor for virtual server usage. > These numbers sound quite low. Netcraft's 2001 SSL survey reported > 500,000 SSL sites with 121,000 of those having valid third > party certificates. > > Heck, Netcraft's April survey shows 41,000 installations of Stronghold > alone, all of which can do SSL. > > -Ekr > > -- > [Eric Rescorla ekr@rtfm.com] > http://www.rtfm.com/