Re: How should I handle CKA_NETSCAPE_DB for GOST private keys ?

2009-10-08 Thread Robert Relyea
>>> Basically, this is an elliptic curve algorithm, but GOST signature
>>> slightly differs from X9.62 EC signature. GOST digital signature is
>>> not affected by Certicom patents and free for use. Even more, in
>>> Russia, it is mandated for use in government organizations and
>>> "working for gov

Re: is there any way to connect without CA?

2009-10-08 Thread Nelson B Bolyard
On 2009-10-08 15:45 PDT, Guenter wrote:
> Daniel,
> On 08.10.2009, at 22:30, Daniel Veditz wrote:
>
>> On 10/7/09 4:00 PM, Guenter wrote:
>>> Hi,
>>> is there any way to overwrite the default behaviour that a remote SSL
>>> host is verified against the CA list in the certdb?
>> At what level?

Re: is there any way to connect without CA?

2009-10-08 Thread Guenter
Daniel, On 08.10.2009, at 22:30, Daniel Veditz wrote: On 10/7/09 4:00 PM, Guenter wrote: Hi, is there any way to overwrite the default behaviour that a remote SSL host is verified against the CA list in the certdb? At what level? Assuming you're asking in this newsgroup because you're w

Re: is there any way to connect without CA?

2009-10-08 Thread Daniel Veditz
On 10/8/09 2:00 PM, Ian G wrote: On 08/10/2009 22:30, Daniel Veditz wrote: If you're asking about how to do it from Firefox you could try the "MITM Me" addon (Description: "This add-on is a terrible idea, and you shouldn't install it.") https://addons.mozilla.org/en-US/firefox/addon/6843 Hilar

Re: is there any way to connect without CA?

2009-10-08 Thread Ian G
On 08/10/2009 22:30, Daniel Veditz wrote: On 10/7/09 4:00 PM, Guenter wrote: Hi, is there any way to overwrite the default behaviour that a remote SSL host is verified against the CA list in the certdb? At what level? Assuming you're asking in this newsgroup because you're writing code to use

Re: is there any way to connect without CA?

2009-10-08 Thread Daniel Veditz
On 10/7/09 4:00 PM, Guenter wrote: Hi, is there any way to overwrite the default behaviour that a remote SSL host is verified against the CA list in the certdb? At what level? Assuming you're asking in this newsgroup because you're writing code to use NSS directly (or through PSM) you could lo

Re: mobile phone certificates. Re: why client certs

2009-10-08 Thread Anders Rundgren
Hi Martin, I think we are basically on the same page :-) Here is a recent document that may be of some interest: http://webpki.org/papers/mobilephone-pki-options.pdf I'm obviously not a fan of WPKI in spite of that it "Works". But I have also given up on PC-browsers since signatures are already u

Re: why client certs

2009-10-08 Thread Jean-Marc Desperrier
Ian G wrote: Thing is, client certs is one of the few bright spots in security, looking forward. They remove the passwords from the equation. This forces that phisher-attacker into the "real-time MITM" space instead of the "lazy-time MITM space". No, you're wrong Ian, it's much stronger than

Re: mobile phone certificates. Re: why client certs

2009-10-08 Thread Martin Paljak
FYI: Estonia has WPKI, eID keys on SIM cards, a SIM application triggered via OTA messages. This is often suggested as either an overall replacement or additional method for cases when browser based PKI (SSL+server conf+signature plugins/applets) miserably fails, for whatever reason. Unfortunate