[olug] Web Site Certificates - OT
Jeff Hinrichs - DM&T
dundeemt at gmail.com
Wed Dec 24 12:48:59 UTC 2008
One other small thing -- Perspectives -
http://www.cs.cmu.edu/~perspectives/firefox.html
"Perspectives is a new approach to help clients securely identify
Internet servers in order to avoid "man-in-the-middle" attacks.
Perspectives is simple and cheap compared to existing approaches
because it automatically builds a robust database of network
identities using lightweight network probing by "network notaries"
located in multiple vantage points across the Internet. "
-Jeff
On Wed, Dec 24, 2008 at 6:40 AM, Jeff Hinrichs - DM&T
<dundeemt at gmail.com> wrote:
> For more in-depth check out
> http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/thread/9c0cc829204487bf/e7177bfee11961ec
>
>
> On Tue, Dec 23, 2008 at 3:43 PM, Dan Anderson <dan-anderson at cox.net> wrote:
>> Yea...You'd hope that the browser vendors send out a patch to remove
>> this CA, or the CA at least does a proper revocation - quickly.
>>
>> A CA not properly verifying certs before signing them is _worse_ then
>> self-signing. At least with self-signing the user gets to make a
>> choice about how they want to proceed (even if they probably don't
>> have enough info to make an informed decision).
>>
>> FYI - Firefox's dialogs around disabling certs are not very good.
>> When you "Delete" a cert it leaves the list until you restart Firefox
>> at which point it will return. However, what happens behind the
>> scenes is that the cert is disabled from being used, but is kept in
>> the list. You can check that a particular cert is set to be used by
>> using the "Edit" button.
>>
>> Dan
>>
>> On Tue, Dec 23, 2008 at 11:23 AM, Will Langford <unfies at gmail.com> wrote:
>>> Old thread, I've seen other things relating to the topic (self signed vs not
>>> etc).
>>> Successful man in the middle goodness.
>>>
>>> http://it.slashdot.org/article.pl?sid=08/12/23/0046258
>>>
>>> and, forbid me for reading user comments... but...:
>>>
>>> http://it.slashdot.org/comments.pl?sid=1071061&cid=26211327
>>>
>>> -Will
>>> _______________________________________________
>>> OLUG mailing list
>>> OLUG at olug.org
>>> https://lists.olug.org/mailman/listinfo/olug
>>>
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
>>
>
>
>
> --
> Jeff Hinrichs
> Dundee Media & Technology, Inc
> jeffh at dundeemt.com
> 402.218.1473
> web: www.dundeemt.com
> blog: inre.dundeemt.com
>
--
Jeff Hinrichs
Dundee Media & Technology, Inc
jeffh at dundeemt.com
402.218.1473
web: www.dundeemt.com
blog: inre.dundeemt.com
More information about the OLUG
mailing list