[19396] in cryptography@c2.net mail archive
Re: browser vendors and CAs agreeing on high-assurance certificat
daemon@ATHENA.MIT.EDU (Ian G)
Fri Dec 23 14:43:50 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 23 Dec 2005 18:48:59 +0000
From: Ian G <iang@systemics.com>
To: leichter_jerrold@emc.com
Cc: pgut001@cs.auckland.ac.nz, cryptography@metzdowd.com,
jamesd@echeque.com, smb@cs.columbia.edu
In-Reply-To: <Pine.SOL.4.61.0512231158410.12756@mental>
> BTW, illustrating points made here, the cert is for
> financialcryptography.com
> but your link was to www.financialcryptography.com. So of course Firefox
> generated a warning....
Indeed.... and even if that gets fixed we still have
to contend with:
* the blog software can't handle the nature of a
TLS site (internal problems like non-working
trackbacks, internal links, posts, ...)
* the cert has to be shared with 3 other sites
* Firefox will still warn about it being a CAcert
signed certificate
* ... I'm sure there's more.
Hopefully over the next year, the webserver (Apache)
will be capable of doing the TLS extension for sharing
certs so then it will be reasonable to upgrade.
iang
PS: SSL v2 must die! Wot, you mean you haven't
turned it off in your browser yet?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
