How would that be different from using a proper CA signed cert which we already have ?
The difference is that *you* control the CA, not some third party. You want to ensure that your clients only trust *your* CA infrastructure. :-) With a third-party CA, you're beholden to their security requirements (or failures for that matter - look online about the Diginotar incident, you'll get the drift). With Regards Stefan Paetow Moonshot Industry & Research Liaison Coordinator t: +44 (0)1235 822 125 gpg: 0x3FCE5142 xmpp: stefanp@jabber.dev.ja.net skype: stefan.paetow.janet jisc.ac.uk Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc¹s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.