Trust Thawte?

1124682571000

Thawte proudly says everywhere on their site that 'it's a trust thing'. The question is can they be trusted?

Recently I signed up with thawte's reseller program. The sign up process was protected by SSL. These guys after all are the people who issue SSL certificates, code signing certificates and all kinds of other certificates that we have not even heard about.

When signing up you need to enter a username and password (duh obvious). The page is protected with SSL (equally obvious). What is not equally obvious is why they mailed me back my own password in the clear text.

Can an organization that wants to you spend all your money to secure your site and then promptly mails you account information over an insecure channel be trusted?

comments powered by Disqus