Re: SSLv2 and export level encryption on secnews.netscape.com

2007-12-05 Thread Wan-Teh Chang
On Dec 5, 2007 11:00 AM, Jean-Marc Desperrier <[EMAIL PROTECTED]> wrote: > Apparently the news server on secnews.netscape.com is still using > SSLv2/40 bits encryption. > Cf : http://groups.google.com/group/mozilla.general/msg/efe2c8f4a73e2e24 > > Is there any way to get AOL to update it ? Is secn

Re: Checkin needed for two NSS patches

2007-12-05 Thread Wan-Teh Chang
On Dec 5, 2007 1:04 PM, Bruno Escherl <[EMAIL PROTECTED]> wrote: > Hello, > > I hope this is the right place to ask for it. I need a checkin for the > patches in bug 396044 and 396045. Reed said in those bugs, that special > checkin rights are needed. Hi Bruno, In the future you can just ask an NS

Checkin needed for two NSS patches

2007-12-05 Thread Bruno Escherl
Hello, I hope this is the right place to ask for it. I need a checkin for the patches in bug 396044 and 396045. Reed said in those bugs, that special checkin rights are needed. Greeting Bruno

SSLv2 and export level encryption on secnews.netscape.com

2007-12-05 Thread Jean-Marc Desperrier
Apparently the news server on secnews.netscape.com is still using SSLv2/40 bits encryption. Cf : http://groups.google.com/group/mozilla.general/msg/efe2c8f4a73e2e24 Is there any way to get AOL to update it ?

Re: Proposed NSS wildcard cert acceptance change - any angst?

2007-12-05 Thread Kaspar Brand
Kyle Hamilton wrote: > I'll see if I can get the name of the product that the educational > institution is using. They should probably use a better one. A smart SSL/TLS proxy will create the certificate for the proxied hostname on the fly (and not rely on an omnipotent CN=* cert). See e.g. Balabit

Re: TURKTRUST root CA certificate inclusion request

2007-12-05 Thread Eddy Nigg (StartCom Ltd.)
Gervase Markham wrote: > Eddy Nigg (StartCom Ltd.) wrote: > >> I explained it before. Because YOU can't read the subject line >> /C=ישראל/ST=דרום/O=סטארטקום בע"מ/CN=אדי ניק >> It's completely useless to you. >> > > Absolutely. So I would seriously consider not trusting a site with such >

Re: Proposed NSS wildcard cert acceptance change - any angst?

2007-12-05 Thread Alexander Klink
Hi all, On Wed, Dec 05, 2007 at 02:55:39PM +0200, Eddy Nigg (StartCom Ltd.) wrote: > To make the story even shorter, in order to perform this MITM they use a > wild card asterisk like CN=* ? Personally I'm completely against any I know of at least one enterprise setup where it has been implement

Re: Proposed NSS wildcard cert acceptance change - any angst?

2007-12-05 Thread Eddy Nigg (StartCom Ltd.)
Hi Kyle, To make the story even shorter, in order to perform this MITM they use a wild card asterisk like CN=* ? Personally I'm completely against any kind of MITM and rather would block https/port 443 altogether as a better policy, but I guess any discussion about this subject is beyon

Re: TURKTRUST root CA certificate inclusion request

2007-12-05 Thread Gervase Markham
Eddy Nigg (StartCom Ltd.) wrote: > I explained it before. Because YOU can't read the subject line > /C=ישראל/ST=דרום/O=סטארטקום בע"מ/CN=אדי ניק > It's completely useless to you. Absolutely. So I would seriously consider not trusting a site with such a subject line. > A passport or internationa

Re: Proposed NSS wildcard cert acceptance change - any angst?

2007-12-05 Thread Kyle Hamilton
I'm not entirely certain what their internal deployments and rollouts are, to be fair. My primary knowledge comes from conferring with people within the organizations. I should point out that the second is an example of a situation where such paranoia on the part of the MIS staff would be well-fo

Re: Proposed NSS wildcard cert acceptance change - any angst?

2007-12-05 Thread Nelson Bolyard
Kyle Hamilton wrote, On 2007-12-04 23:03: > Two short, practical examples, which are gleaned from reality (though > I am not at liberty to state of what organizations I speak): And these organizations are locked-in to Mozilla products now, because IE won't work for them, right?