Martin Brampton

Earlier this year (it took a lot of effort and several months) I became a "Notary" in the Thawte Web of Trust that allowed me to certify my emails with my name, and also to help authorise others to do the same.

But not long after I'd finished that, Thawte (now part of Verisign) pulled the plug on the whole programme, and instead of Thawte free email certificates said they'd give people a Verisign certificate, and after a year it would cost something like 20 USD per year. Notaries not required.

As I run a number of email accounts, and would like to sign the messages I send in these days of scams and spams, something less costly is needed.

So I decided to go with the wholly free certificate provider CACert that is more or less aligned with the open source movement. CACert is trying to get recognised by the browser/mail software makers, but it's not easy because the standard method is a very expensive audit process that CACert can't afford.

However, I'm hoping that increased interest in non-commercial alternatives will help, and CACert is working through a slimmed down audit process.

If you received an email from me and your mail client said there was something wrong with the certificate, the most likely reason is that you do not have CACert installed as a Certification Authority. I'd like to encourage you to support CACert and to install their root certificate into your browser and email client. You can find instructions on how to do this at http://wiki.cacert.org/BrowserClients.

Want to sign your own emails? CACert will help you, and there are Assurers in most places around the world. I'm proud to be one of them!