I recently discovered CAcert.org, a group that will give free certifactes not only for email (like Thawte) but also for servers! It’s even possible to get a code signing certificate and have them sign your PGP key. The downside is that there really aren’t any major browsers that have their root certificate listed as trusted by default. There are a few linux distributions and a couple of smaller browsers, but nothing mainstream. Even still, it does provide some value over doing everything self signed because anybody who’s ever added the cacert root certificate to their browser’s store will automatically be able to see that my certificate is valid. This would not be the case if my certificate was simply self-signed. So, because it’s free (well, other than the notery fees and postage) I went ahead and used the Trusted Third Party method of getting assured. I’m now the second listed assurer in the state of Michigan! At some point I need to set up a page with my public keys on it in addition to information about meetings for getting other people assured (and doing PGP key signing).