Your Digital Identity Card


Ever since I published “The Added Value” in this web log, interest in the StartSSL™ Web-of-Trust has been growing. More and more members have registered during the summer month and achieved WoT Notary status. I’ve received enthusiastic email messages with encouragements and voicing support for the StartCom certification services in general and the StartSSL™ WoT in particular.

Members of the StartSSL™ WoT which are validated by the community can show of their validations by assigning themselves an OpenID nick name. For example my digital identity nick name is eddyn which results in the OpenID identifier https://eddyn.startssl.com/. Visitors and relying parties visiting the dedicated user page will see my illustrative Identity Card and the various validations I’ve undergone. Users may protect their name and remain anonymous if they wish, instead only show their validation status.

Members with twice or more validations will have their name listed in the StartCom issued S/MIME Class 1 client certificates. Instead of the “StartCom Free Certificate Member” phrase in the common name field, the full name will appear. This is handy for those who want to provide a certain assurance to relying parties as the comparison from below shows:

StartCom Free Certificate Member S/MIME Certificate

Both certificates are perfectly valid, but there is most likely only one Eddy Nigg who will ever send you an email all the others are fake ;-) . Relying solemnly on the email address is cumbersome and prone to failures. It’s more easy to recognize a name. Have your own identity card too and join the StartSSL™ WoT network and let your friends and family be assured about the origin of the sender!

Information and Links

Join the fray by commenting, tracking what others have to say, or linking to it from your blog.


Other Posts
Securing Websites Economically
MITM attacks - do they really happen?

Write a Comment

Take a moment to comment and tell us what you think. Some basic HTML is allowed for formatting.

You must be logged in to post a comment. Click here to login.

Reader Comments

Eddy, what’s about a bit less information about someone when he/she/it clicks on the *.startssl.com page? I do not want to give away my exact full name to anybody…

Did you try to activate the anonymous flag at your OpenID settings? You might need to use a different nickname first and then revert back to your previous one (and activate anonymous).

Couldn’t this apply to Class 1 SSL Server Certificates as well? Instead of Common Name being the website’s address, couldn’t you let people have their verified names there?