Re: why nss has very little doc about usage of api

2008-11-04 Thread Ken
2008/11/5 Robert Relyea <[EMAIL PROTECTED]>:
> NZzi wrote:
>>
>> hi all:
>>
>> when i use nss to develop some cipher program(just
>> for local, not internet), i.e. just perform
>> miscellaneous cryptographic operations, the only
>> reference i can use is the example code from MDC.
>>
>> when i want

Re: MITM in the wild

2008-11-04 Thread Eddy Nigg
On 11/04/2008 02:04 PM, Bernie Sumption: The problem as I see it is that the same warning UI is shown whenever there is a less than perfect certificate. Let us assume The concept of SSL certificates isn't based on assumptions! Neither does the cryptographic library assume things, but makes de

Re: why nss has very little doc about usage of api

2008-11-04 Thread Robert Relyea
NZzi wrote: hi all: when i use nss to develop some cipher program(just for local, not internet), i.e. just perform miscellaneous cryptographic operations, the only reference i can use is the example code from MDC. when i want a detail parameter explanation, what i got is just this function's MX

Re: someone else complaining about "Mozilla SSL policy"

2008-11-04 Thread Iang
David Stutzman wrote: For me, free is better than that small inconvenience for other people. For anyone else that needs it to work in all/most browsers, isn't it possible to get an SSL cert for around $20 a year? I mean, if you can afford the domain name registration and possibly webhosting or y

Re: EV Certs with SeaMonkey?

2008-11-04 Thread Kai Engert
Nelson Bolyard wrote: SM 2.0 alpha pre-release does use NSS 3.12, but it still does not support EV UI. Although I use SM trunk builds exclusively, I have never seen a "green bar" or the authenticated web site principal name or country name in the "chrome" anywhere. I see no difference between E

Re: MITM in the wild

2008-11-04 Thread Nelson B Bolyard
Bernie Sumption wrote, On 2008-11-04 04:04:
>> Is removal of the ability to override bad certs the ONLY effective
>> protection for such users?
>
> No. If we can detect MITM attacks, the problem goes away.

It does? Absence of an incomplete MITM attack does not prove the identity of the server.

RE: someone else complaining about "Mozilla SSL policy"

2008-11-04 Thread David Stutzman
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Monday, November 03, 2008 1:46 PM
To: dev-tech-crypto@lists.mozilla.org
Subject: Re: someone else complaining about "Mozilla SSL policy"

On 3 Nov., 14:40, "David Stutzman" <[EMAIL PROT

Re: MITM in the wild

2008-11-04 Thread Graham Leggett
Bernie Sumption wrote: The problem as I see it is that the same warning UI is shown whenever there is a less than perfect certificate. Let us assume that 99.99% of the time, this is either a misconfigured web server or a homebrew site that is using self-signed certs because they only care about enc

Re: MITM in the wild

2008-11-04 Thread Bernie Sumption
> Is removal of the ability to override bad certs the ONLY effective
> protection for such users?

No. If we can detect MITM attacks, the problem goes away. There are ways of detecting MITM attacks, but first of all, this is why we need to do it: The problem as I see it is that the same warning UI