[14421] in cryptography@c2.net mail archive
RE: Monoculture
daemon@ATHENA.MIT.EDU (Don Davis)
Thu Oct 2 11:35:28 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <3F7AF751.90601@aculab.com>
Date: Thu, 2 Oct 2003 08:26:13 -0400
To: Jill Ramonsky <Jill.Ramonsky@aculab.com>
From: Don Davis <don@mit.edu>
Cc: cryptography@metzdowd.com
perry wrote:
>> We could use more implementations of ssl and
>> of ssh, no question.
>> ...more cleanly implemented and simpler to use
>> versions of existing algorithms and protocols...
>> would be of tremendous utility.
jill ramonsky replied:
> I am very much hoping that you can answer both (a)
> and (b) with a yes, in which case I will /definitely/
> get on with recoding SSL:
> Is it possible for Bob to instruct his browser to
> (a) refuse to trust anything signed by Eve, and
> (b) to trust Alice's certificate (which she handed
> to him personally)? (And if so, how?)
how it's done depends on the browser:
in Moz 1.0: Edit > Preferences... > Privacy & Security >
Certificates > Manage Certificates >
{Authorities, Web Sites}
in MSIE 5: Edit > Preferences.., > Web Browser >
Security > Certificate Authorities
(there seems to be no way to tell MSIE 5 to
trust Alice's server cert for SSL connections,
except to tell MSIE 5 to trust Alice's CA.)
in NS 4.75: Communicator > Tools > Security Info >
Certificates > {Signers, Web Sites}
- don davis, boston
-
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
