[14452] in cryptography@c2.net mail archive
RE: Monoculture
daemon@ATHENA.MIT.EDU (Don Davis)
Fri Oct 3 13:21:14 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <3F7C2659.1090107@aculab.com>
Date: Fri, 3 Oct 2003 09:05:30 -0400
To: Jill Ramonsky <Jill.Ramonsky@aculab.com>
From: Don Davis <don@mit.edu>
Cc: cryptography@metzdowd.com
>>> Is it possible for Bob to instruct his browser to
>>> (b) to trust Alice's certificate (which she handed
>>> to him personally)? (And if so, how?)
>> how it's done depends on the browser:
>> in MSIE 5: (there seems to be no way to tell MSIE 5 to
>> trust Alice's server cert for SSL connections,
>> except to tell MSIE 5 to trust Alice's CA.)
> This seems to me to a /serious/ flaw in the design of MSIE.
well, before dismissing MSIE's cert-mgt completely,
you should check whatever version of MSIE ships on
Win2k/XP . MSIE 5 is all i have on my mac, because
i very rarely use MSIE.
but, if you want to complain about MSIE's security
features, you'll have to take a number and wait in
line... B^(
- don davis, boston
-
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
