Cynical Certificates

Do be aware that by assigning trust to one of our certificates, you will tell your browser or other client program to trust us to a certain extent. It's difficult to explain this in a non-technical way without resorting to vigorous hand-waving, so if you are a paranoid sort, you may want to get technical advice before proceeding. If you do have a technical grounding, you may want to visit our Policy Pages for more information and, perhaps, some reassurances.

Which Certificate Root Should I Trust?

• The Cynical Signing Certificate (indirectly) signs all certificates for persons and services directly belonging to The Cynics. This includes both certificates for servers and services, and for persons and client agents. The Signer Certificate does not support any certificates we may issue to third parties.
• The Cynical Servers Certificate directly signs all server certificates for services provided by The Cynics. This includes our secure web server, secure IMAP server, and so on. Trusting it will trust all services provided by The Cynics, but not any of our user certificates nor services provided by others, even those we ourselves trust.
• The Cynical Users Certificate directly signs all certificates that we, the Cynics ourselves, use to identify ourselves to servers. This includes various mail and SSL certificates, as well as other client side certificates. Trusting this certificate will make your software trust our identity as persons in (for example) secure e-mail. It will not establish trust for our servers, nor for anyone not directly belonging to the Cynics.
• The Cynical Root Certificate is the root of all our X509 trust hierarchies. If you trust this certificate, you will trust everything we sign, directly or indirectly. In other words, you will trust the people, servers, and organizations we choose to trust, including those who do not directly belong to us. Think carefully before you pick this one.

I Want To Know More!