Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Invalid Certificate
From: Tonnerre Lombard <tonnerre.lombard () sygroup ch>
Date: Wed, 17 Sep 2008 09:07:51 +0200

Salut, James,

On Tue, 16 Sep 2008 20:38:47 -0700, James Matthews wrote:
Ask secunia to pay for the proper ssl

https://www.cacert.org/ might as well be appropriate and is nowadays
supported by most distributions of Linux (though not turned on by
default for some obscure reason? One has to dpkg-reconfigure
ca-certificates. Maybe someone from the Debianist camp can enlighten us
on why?)

I personally think that it also has the better trust model; I trust
people more if they have been assured by a number of geeks than if they
simply had the money to pay for a certificate[1].

But whatever suits you.


[1]: Apart from the fact that it seems that not all pay-by-cert
     "authorities" are recognized either; I also had problems
     with expensive wildcard certificates not being recognized as
     signed by a proper CA. You learn who to trust pretty quickly.
SyGroup GmbH
Tonnerre Lombard

Solutions Systematiques
Tel:+41 61 333 80 33            G├╝terstrasse 86
Fax:+41 61 383 14 67            4053 Basel
Web:www.sygroup.ch              tonnerre.lombard () sygroup ch

Attachment: signature.asc

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]