Eddy Nigg wrote:
On 11/15/2008 05:18 PM, Ian G:
Eddy Nigg wrote:
On 11/12/2008 05:21 PM, Ian G:
Not sure why, but your posting arrived just only now...
I was offline / travelling. There is this little lightbulb on the
bottom left side of Thunderbird that we can click, and then the
Eddy Nigg wrote:
On 11/12/2008 05:21 PM, Ian G:
No it's not. You just need the person, not their identity.
LOL, you are funny...and how exactly do you get the person if you don't
know who it is that you need? This is what the (verified real) identity
details in certificates are here for...
On 11/15/2008 05:18 PM, Ian G:
Eddy Nigg wrote:
On 11/12/2008 05:21 PM, Ian G:
Not sure why, but your posting arrived just only now...
What is clear is that the name is not really the essence of the process,
it is just one part. So if we are claiming the full essence of getting
people to
* Alaric Dailey:
DNSSEC is an assertion of validitity of the DNS.
EV certs assert that the business behind the cert is legit.
Only that a legal entity exists (whether its legitimate is not
checked). EV certificates are routinely issued to organizations which
do not run the business which
On 11/15/2008 05:19 PM, Florian Weimer:
* Alaric Dailey:
DNSSEC is an assertion of validitity of the DNS.
EV certs assert that the business behind the cert is legit.
Only that a legal entity exists (whether its legitimate is not
checked). EV certificates are routinely issued to
Eddy Nigg wrote:
On 11/15/2008 05:19 PM, Florian Weimer:
* Alaric Dailey:
DNSSEC is an assertion of validitity of the DNS.
EV certs assert that the business behind the cert is legit.
Only that a legal entity exists (whether its legitimate is not
checked). EV certificates are routinely
On 11/15/2008 05:57 PM, Wes Kussmaul:
Eddy Nigg wrote:
On 11/15/2008 05:19 PM, Florian Weimer:
* Alaric Dailey:
DNSSEC is an assertion of validitity of the DNS.
EV certs assert that the business behind the cert is legit.
Only that a legal entity exists (whether its legitimate is not
At 8:20 PM +0200 11/15/08, Eddy Nigg wrote:
Lets stay focused!
This thread started off with a purported newbie having a problem with seeing
self-signed certs where she shouldn't have. It then morphed into a discussion
of security UI design. Then it went to what users shold and should not be
On 11/15/2008 10:04 PM, Paul Hoffman:
At 8:20 PM +0200 11/15/08, Eddy Nigg wrote:
Lets stay focused!
This thread started off with a purported newbie having a problem with seeing
self-signed certs where she shouldn't have. It then morphed into a discussion
of security UI design. Then it went
On 11/12/2008 05:21 PM, Ian G:
No it's not. You just need the person, not their identity.
LOL, you are funny...and how exactly do you get the person if you don't
know who it is that you need? This is what the (verified real) identity
details in certificates are here for...
If you need
Eddy Nigg wrote:
Nope, just eliminating an assumption or two: identity required for
court. Once these are eliminated, life becomes much easier.
Real identity is required for court,
No it's not. You just need the person, not their identity. The
identity is useful for eliminating
On 11/12/2008 08:32 AM, Ian G:
eBay users seems to survive without them?
Because a different body governs them.
Or lets make some comparison to transportation, where one in order to
drive a car must undergo some training and carry a license. I could
imagine something similar applied to the
No. There is no consensus. There are opposing camps. One camp
believes that the solution is to drop all self-signed certs. Another
camp believes that Key Continuity Management is the answer. Yet a third
camp believes that user training has to be done, and the UI needs a
little tweaking,
On 11/11/2008 03:54 PM, Ian G:
And, in particular, the PKI industry's obsession with some concept that
you refer to as legal identity is ruining its own market.
I personally don't perceive it as such nor do I think that there is such
an obsession. I *do* believe that more verified
On 11/11/2008 04:58 AM, Ian G:
Yes, you are confirming and reinforcing his point: the dominant paridigm
-- to push a concept of a binding of legal name to key -- is making it
difficult for advocates of crypto to gain traction.
It serves a purpose, it's not the only form in current applied PKI
Sorry, rushed reply!
Eddy Nigg wrote:
On 11/11/2008 04:58 AM, Ian G:
Yes, you are confirming and reinforcing his point: the dominant paridigm
-- to push a concept of a binding of legal name to key -- is making it
difficult for advocates of crypto to gain traction.
It serves a purpose, it's
On 09.11.2008, at 16:25, Ian G wrote:
Eddy Nigg wrote:
Now I'm interested in getting rid of self-signed certificates if
possible. They undermine legitimate certificates and put the
majority of users under an unneeded risk. That's one of my goals
today!
It seems that Eddy and Nelson are
On Tue, Nov 11, 2008 at 9:06 AM, Eddy Nigg [EMAIL PROTECTED] wrote:
On 11/11/2008 03:54 PM, Ian G:
And, in particular, the PKI industry's obsession with some concept that
you refer to as legal identity is ruining its own market.
I personally don't perceive it as such nor do I think that
Eddy Nigg wrote:
On 11/11/2008 03:54 PM, Ian G:
And, in particular, the PKI industry's obsession with some concept that
you refer to as legal identity is ruining its own market.
I personally don't perceive it as such nor do I think that there is such
an obsession. I *do* believe that more
Eddy Nigg wrote:
On 11/10/2008 02:11 AM, Kyle Hamilton:
On Sun, Nov 9, 2008 at 7:26 AM, Eddy Nigg[EMAIL PROTECTED] wrote:
Since there's a fairly argumentative tone going on, I think I should
explain what my viewpoint is:
Kyle, your reply was highly interesting! Nevertheless I'll cut down my
Anders Rundgren wrote:
I haven't followed this lengthy discussion in detail but I have for a long
time wondered how DNSSEC and SSL-CA-Certs should coexist.
Which one will be the most authoritative?
Could DNSSEC (if it finally succeeds) be the end of SSL-CA-certs?
DNSSEC only attempts to
On 11/10/2008 09:52 PM, Nelson Bolyard:
Anders Rundgren wrote:
I haven't followed this lengthy discussion in detail but I have for a long
time wondered how DNSSEC and SSL-CA-Certs should coexist.
Which one will be the most authoritative?
Could DNSSEC (if it finally succeeds) be the end of
Nelson Bolyard wrote:
I haven't followed this lengthy discussion in detail but I have for a long
time wondered how DNSSEC and SSL-CA-Certs should coexist.
Which one will be the most authoritative?
Could DNSSEC (if it finally succeeds) be the end of SSL-CA-certs?
DNSSEC only attempts to
Subject: DNSSEC? Re: MITM in the wild
I haven't followed this lengthy discussion in detail but I have for a long
time wondered how DNSSEC
and SSL-CA-Certs should coexist.
Which one will be the most authoritative?
Could DNSSEC (if it finally succeeds) be the end of SSL-CA-certs?
Anders
At 11:52 AM -0800 11/10/08, Nelson Bolyard wrote:
DNSSEC only attempts to ensure that you get the (a) correct IP address.
s/only/only currently/
You can stick any data you want in the DNS. Currently the most popular data is
the A record (IP address) associated with a domain name, but is it
Eddy Nigg wrote:
On 11/10/2008 04:31 PM, Ian G:
Eddy Nigg wrote:
[EMAIL PROTECTED] is hardly a legal identity...
That's because there is no such thing as a legal identity.
I think he meant with legal your legally given name as listed in your
passport for example or an organization as
On 11/09/2008 08:38 AM, Kyle Hamilton:
Because you're assuming that everything that occurs in this world
exists in a corporate environment, Eddy.
Well, I didn't meant only the corporate, but also any hobbyist geek.
Those are, which lament against PKI in general and promote self-signed
certs.
Eddy Nigg wrote:
Now I'm interested in getting rid of self-signed certificates if
possible. They undermine legitimate certificates and put the majority
of users under an unneeded risk. That's one of my goals today!
Well, all the arguments have been heard on this already, and positions
are
On 11/09/2008 04:25 PM, Ian G:
Well, all the arguments have been heard on this already, and positions
are fairly entrenched. It seems futile to have the debate over and over,
and I for one would like to point out that it is uncomfortable to treat
it like a political campaign.
Well, Kyle
On Sun, Nov 9, 2008 at 7:26 AM, Eddy Nigg [EMAIL PROTECTED] wrote:
On 11/09/2008 04:25 PM, Ian G:
Well, all the arguments have been heard on this already, and positions
are fairly entrenched. It seems futile to have the debate over and over,
and I for one would like to point out that it is
Well, all the arguments have been heard on this already, and positions are
fairly entrenched. It seems futile to have the debate over and over, and I
for one would like to point out that it is uncomfortable to treat it like a
political campaign.
Perhaps a vote?
Not for me, but perhaps a
On 11/10/2008 02:11 AM, Kyle Hamilton:
On Sun, Nov 9, 2008 at 7:26 AM, Eddy Nigg[EMAIL PROTECTED] wrote:
Since there's a fairly argumentative tone going on, I think I should
explain what my viewpoint is:
Kyle, your reply was highly interesting! Nevertheless I'll cut down my
response to a few
I haven't followed this lengthy discussion in detail but I have for a long time
wondered how DNSSEC
and SSL-CA-Certs should coexist.
Which one will be the most authoritative?
Could DNSSEC (if it finally succeeds) be the end of SSL-CA-certs?
Anders
Kyle Hamilton wrote:
The basic idea for querying this would be as follows: hash the Subject
and each/all SANs in the certificate, and query for that hash (perhaps
to a web service). If there's a match,
Would I as an attacker use a perfect Subject / SAN that would leave
itself easily
On 11/08/2008 10:50 PM, Kyle Hamilton:
I would have no problem with changing the chrome when people step
outside of the assurances that Firefox tries to provide. I /do/ have
a problem with removing the ability for users to try to self-organize
their own networks. (The threat model is
On 11/07/2008 05:18 AM, Kyle Hamilton:
So, essentially, what you're saying is that it was a targeted attack
against a user, instead of an attack targeted against a server?
What is an attack targeted against a server in the context of browsers
and MITMs?
--
Regards
Signer: Eddy Nigg,
If we create an error display that says No kidding, this absolutely
is an attack and we're stopping you cold to protect you from it.
it seems unavoidable that users will learn to treat the absence
of such an unbypassable error display as proof to the contrary,
proof that the site is genuine
Eddy Nigg wrote:
On 11/07/2008 05:18 AM, Kyle Hamilton:
So, essentially, what you're saying is that it was a targeted attack
against a user, instead of an attack targeted against a server?
What is an attack targeted against a server in the context of browsers
and MITMs?
Possibly, it is
Bernie Sumption wrote:
Graham, Nelson, Eddy, you all make good points.
I'll take your word for it that it's impossible to detect MITM attacks
with 100% reliability, as I said I'm not a security expert.
How about an MITM detection service that gives no false positives, but
might give false
Bernie Sumption wrote:
If we create an error display that says No kidding, this absolutely
is an attack and we're stopping you cold to protect you from it.
it seems unavoidable that users will learn to treat the absence
of such an unbypassable error display as proof to the contrary,
proof that
Bernie Sumption wrote:
If we create an error display that says No kidding, this absolutely
is an attack and we're stopping you cold to protect you from it.
it seems unavoidable that users will learn to treat the absence
of such an unbypassable error display as proof to the contrary,
proof that
Iang wrote, On 2008-11-07 08:22:
Bernie Sumption wrote:
How about an MITM detection service that gives no false positives, but
might give false negatives? If you positively identify an MITM attack,
you can present users with a much more definite UI saying this *is*
an MITM attack and giving
On 11/07/2008 11:21 PM, Nelson B Bolyard:
I will add that, while MITMs have historically been very rare, they are
on the upswing. I see two broad areas where MITM attacks are on the
increase, and they're both directed at the user, not the server.
One must recognize the fact that MITM attacks
Graham, Nelson, Eddy, you all make good points.
I'll take your word for it that it's impossible to detect MITM attacks
with 100% reliability, as I said I'm not a security expert.
How about an MITM detection service that gives no false positives, but
might give false negatives? If you positively
Bernie Sumption wrote, On 2008-11-06 03:57:
Graham, Nelson, Eddy, you all make good points.
I'll take your word for it that it's impossible to detect MITM attacks
with 100% reliability, as I said I'm not a security expert.
How about an MITM detection service that gives no false positives,
What curious things do you notice about these certs?
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1224169969 (0x48f759f1)
Signature Algorithm: PKCS #1 MD5 With RSA Encryption
Issuer: CN=unaportal.una.edu,O=University of North Alabama
Validity:
Nelson B Bolyard wrote:
What curious things do you notice about these certs?
Only one key? All have same Issuer + Subject?
iang
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Aside from the fact that they all claim to be issued by themselves,
but the key modulus is the same across all of them?
Perhaps the fact that they're all version 3 certificates that don't
show any version 3 extensions, such as keyUsage and
extendedKeyUsage?
Should there be a check to make sure
...and they're all using MD5?
-Kyle H
On Thu, Nov 6, 2008 at 12:48 PM, Ian G [EMAIL PROTECTED] wrote:
Nelson B Bolyard wrote:
What curious things do you notice about these certs?
Only one key? All have same Issuer + Subject?
iang
___
Kyle,
Kyle Hamilton wrote:
Should there be a check to make sure that disparate sites aren't using
the same public key modulus/exponent?
That would be fairly hard to implement reliably.
Currently, we don't persist end-entity certs of web sites in general in PSM.
Even if we did, what is the
Ian G wrote, On 2008-11-06 12:48:
Nelson B Bolyard wrote:
What curious things do you notice about these certs?
Only one key?
Yup. That's the biggie. It allows the MITM to get by with just a
single private key.
All have same Issuer + Subject?
Yeah, all self signed. All DNs consist of
Nelson B Bolyard wrote:
Ian G wrote, On 2008-11-06 12:48:
Nelson B Bolyard wrote:
What curious things do you notice about these certs?
Only one key?
Yup. That's the biggie. It allows the MITM to get by with just a
single private key.
OK. We can of course all imagine ways to exploit
Kyle,
Kyle Hamilton wrote:
So, essentially, what you're saying is that it was a targeted attack
against a user, instead of an attack targeted against a server?
Apparently, keeping track of keys in certificates placed individually
into NSS might be a good idea regardless.
The attacker
Bernie Sumption wrote, On 2008-11-04 04:04:
Is removal of the ability to override bad certs the ONLY effective
protection for such users?
No. If we can detect MITM attacks, the problem goes away.
It does?
Absence of an incomplete MITM attack does not prove the identity of the
server.
Is removal of the ability to override bad certs the ONLY effective
protection for such users?
No. If we can detect MITM attacks, the problem goes away. There are
ways of detecting MITM attacks, but first of all, this is why we need
to do it:
The problem as I see it is that the same warning UI
Ian G wrote, On 2008-10-20 22:41:
Nelson B Bolyard wrote:
It is widely agreed that, since KCM has no central revocation facility,
KCM is not central, period. Talking about revocation is a strawman.
I should have said central revocation SERVICE. Sadly, it DOES have a
central revocation
Ian G:
Nelson B Bolyard wrote:
It is widely agreed that, since KCM has no central revocation facility,
KCM is not central, period. Talking about revocation is a strawman.
I think that's the point he is making.
What's your point? Sounds to me like most of the last 1000 security
bugs.
Graham Leggett wrote:
David E. Ross wrote:
[...]
I have also visited sites with incorrectly configured site certificates.
[...]. I definitely do not want to be locked out of these sites either.
This is the classic balance between convenience and security.
inconvenience != security.
Nelson B Bolyard wrote:
[...]
This incident has shown that FF3, with its all-too-easy-to-defeat MITM
reporting, is NOT suitable for high-value web transactions such as
online banking.
You know Nelson the reason why you are taking this the wrong way is that
you have *no* direct experience of
Jean-Marc Desperrier:
Eddy Nigg wrote:
[...]
When the visitor statistics suddenly goes down, web site owners will
take action.[...]
It will not go down. It's only the percentage of user using Firefox that
will go down.
Can you please backup your assumptions?
MY sources show clearly that
Jean-Marc Desperrier:
Broken ? Yes, instead of accessing to the web site, he got some error
screen, and had to run IE instead.
Oh yes, and IE let him just through, no errors and no red address bar
and no We recommend not to visit this site, right?
This was a developer with already around
Ian G:
Curious! Eddy, how did you learn how to go to all that inconvenience?
LOL
Because I'm a security expert I guess :-)
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: [EMAIL PROTECTED]
Blog: https://blog.startcom.org
___
Jean-Marc Desperrier wrote:
Eddy Nigg wrote:
[...]
Every time I come from shopping it's very inconvenient to put down the
shopping bags, grab for my keys and open the front door of my house.
Then pick up my bags again. After entering I have to lock the door again
(by convenience, if I want).
Jean-Marc Desperrier:
The pratical result of inconvenience is a threshold level that depends
of two factor : the inconvenience and the perceived threat.
I agree with every word you said in this mail! Risk assessment is
important! I believe that we just don't agree (yet) where to draw the
Eddy Nigg wrote:
[...]
Despite that, http://www.xitimonitor.com/ has testimony to a growing
market share of Firefox in Europe, including Germany. Go figure...
I *never* claimed that this problem would lower the *general* use of
Firefox. The SSL use case is small enough that it has *no* weight
Eddy Nigg wrote:
[...]
MY sources show clearly that both web sites using legitimate
certificates and market share of Firefox has gone up. This is correct
in real number and relative percentage wise.
The second number hardly actually proves anything. In what I describe,
users will continue to
Eddy Nigg wrote:
Jean-Marc Desperrier:
Graham Leggett wrote:
This is the classic balance between convenience and security.
inconvenience != security.
inconvenience == unsecurity.
Every time I come from shopping it's very inconvenient to put down the
shopping bags, grab for my keys and
Jean-Marc Desperrier wrote, On 2008-10-20 01:50:
Eddy Nigg wrote:
Ian G:
Nelson B Bolyard wrote:
Despite all the additional obstacles that FF3 put in her way, and all
the warnings about legitimate sites will never ask you to do this,
she persisted in overriding every error, and thus giving
Everybody take a deep breath. If we start treating this as black-and-white
extremes, it is unlikely that most users will get the best security and
usability.
Few if any of us active in this thread are HCI experts. Few of us have anything
more than small amounts of anecdotal evidence. Many of
Jean-Marc Desperrier wrote, On 2008-10-20 05:33:
Jean-Marc Desperrier wrote:
I realized that there's a specific reason why I don't lock my door after
entering. [...] The door of my appartement doesnt' have an ouside handle.
You can't enter without using the key.
In other words, you don't
On Mon, Oct 20, 2008 at 4:49 AM, Eddy Nigg [EMAIL PROTECTED] wrote:
Jean-Marc Desperrier:
Graham Leggett wrote:
This is the classic balance between convenience and security.
inconvenience != security.
inconvenience == unsecurity.
Every time I come from shopping it's very inconvenient
Nelson B Bolyard wrote:
Jean-Marc Desperrier wrote, On 2008-10-20 05:33:
Jean-Marc Desperrier wrote:
I realized that there's a specific reason why I don't lock my door after
entering. [...] The door of my appartement doesnt' have an ouside handle.
You can't enter without using the key.
Kyle Hamilton wrote:
On Mon, Oct 20, 2008 at 4:49 AM, Eddy Nigg [EMAIL PROTECTED] wrote:
Jean-Marc Desperrier:
Graham Leggett wrote:
This is the classic balance between convenience and security.
inconvenience != security.
inconvenience == unsecurity.
Every time I come from shopping it's
Ian G wrote, On 2008-10-20 13:28:
Yes. E.g., did you know that the point of a good lock on a door is
*not* to stop a burglar getting in, but to stop him getting out?
That's why it is called a deadbolt. The burglar can always get in,
the game is to stop him getting out the front door,
Nelson B Bolyard:
httpst:// (security theater) maybe? or
httpwf:// (warm fuzzy) or
mitm://
LOLI can't hold myself on the chair anymore...I'm laughing myself
kaput! Because of you I had to change my shirt and clean the keyboard
from coffee stainsCan you warn me next time upfront
Nelson B Bolyard wrote:
b) some unmistakeable blatantly obvious way to show the user that this
site is not using security that's good enough for banking but, well,
is pretty good security theater. Flashing pink chrome?
Empty wallet icon? The whistling sounds associated with falling things?
OK, I was too flippant, but I'm serious about wanting an alternative
to https, something that means security not good enough for financial
transactions, but OK for your private home router/server.
Nelson B Bolyard wrote, On 2008-10-20 15:07:
Ian G wrote, On 2008-10-20 13:28:
(e.g., we do agree
Nelson B Bolyard wrote:
Ian G wrote, On 2008-10-20 19:24:
There are possibilities. One is the server-side self-signed certs,
which would generally prefer KCM to be useful, so add Petnames.
This is ok for small sites, small communities, but valuable there as
compromised boxes are a pain.
David E. Ross wrote:
I visit some Web sites with self-signed certificates. None of those
sites request any input from me. The only reason they have site
certificates is that the site owners want to show off how technically
astute they are. Hah! However, those sites do indeed contain
Steffen Schulz wrote:
On 081018 at 20:30, Nelson B Bolyard wrote:
FF3 had utterly failed to convey to her any understanding that she was
under attack. The mere fact that the browser provided a way to override
the error was enough to convince her that the errors were not serious.
I find it
Ian G wrote:
Steffen Schulz wrote:
I find it amazing that someone shows this level of ignorance but then
manages to file a bugreport... :-)
[...] play with compilers, flags, build own browser,
To provide the output shown at the end of
Ian G wrote, On 2008-10-19 05:09:
Ian G wrote:
Nelson B Bolyard wrote:
KCM would not have helped.
I agree, KCM would not have helped. In both cases, the warnings are
delivered, and the user is given the responsibility for the overrides.
I was thinking about this, and actually, KCM would
Eddy Nigg wrote, On 2008-10-18 20:10:
Requiring a change to about:config would facilitate your needs (because
you have the knowledge to do both - change the config and know what it
means), while still protecting the standard user who neither cares about
security nor has any clue what
Nelson B Bolyard:
Eddy Nigg wrote, On 2008-10-18 20:10:
Requiring a change to about:config would facilitate your needs (because
you have the knowledge to do both - change the config and know what it
means), while still protecting the standard user who neither cares about
security nor has any
Nelson B Bolyard wrote:
Ian G wrote, On 2008-10-19 05:09:
Ian G wrote:
Nelson B Bolyard wrote:
KCM would not have helped.
I agree, KCM would not have helped. In both cases, the warnings are
delivered, and the user is given the responsibility for the overrides.
I was thinking about this,
Ian G:
If the user does not validate, then she has done a bad thing. Yes,
KCM would be at its weakest at that point, but no software tool is
perfect; at some stage we have to ask the user, and then by
definition the software is weak, dependent on the user.
Chiming in here
PKI wasn't
Eddy Nigg:
PKI wasn't meant to facilitate certificates issued from random. PKI is
mean disallow anything it doesn't know and doesn't chain to the root. In
the browser we have many roots, but it's the browser fault to allow the
user to ignore and click all th way through to heaven...or hell.
Ian G wrote, On 2008-10-19 15:17:
Nelson B Bolyard wrote:
KCM would have accepted those certs without any complaint.
Ahhh, not exactly! With KCM, it is not up to it to accept any certs
any time: unfamiliar certs are passed up to the user for validation.
Yes, but the users are
Ian G wrote, On 2008-10-18 12:32:
This is the pathological problem with MITM protection that has
existed from day 1 of SSL: it was a solution in advance of a
problem. Given that the solution was theoretical, and the problem
had no practical existence (until recently), the solution could
Ian G wrote, On 2008-10-19 05:50:
[...] I would like to figure out a nice story that says
use Firefox for all your general browsing ... but use for your
online bank. I just don't know what is.
As much as it pains me to say it, I agree. That is what is needed.
This incident has
Nelson B Bolyard wrote, On 2008-10-19 19:03:
Be careful not to confuse and conflict the MITM detection properties
of SSL with the MITM resistance properties of the browser UI.
s/conflict/conflate/ :(
___
dev-tech-crypto mailing list
Nelson B Bolyard:
This incident has shown that FF3, with its all-too-easy-to-defeat MITM
reporting, is NOT suitable for high-value web transactions such as
online banking.
FF3 is suitable for people on this list. It appears that it's not yet
suitable for the average user. At least FF3
In bug https://bugzilla.mozilla.org/show_bug.cgi?id=460374 the reporter
complained about how difficult it is to override bad cert errors in FF3.
She complained because she was getting bad cert errors on EVERY https
site she visited. ALL the https sites she visited were apparently
presenting
Nelson B Bolyard wrote:
In bug https://bugzilla.mozilla.org/show_bug.cgi?id=460374 the reporter
complained about how difficult it is to override bad cert errors in FF3.
She complained because she was getting bad cert errors on EVERY https
site she visited. ALL the https sites she visited were
Ian G:
Nelson B Bolyard wrote:
Despite all the additional obstacles that FF3 put in her way, and all
the warnings about legitimate sites will never ask you to do this,
she persisted in overriding every error, and thus giving away most of
her valuable passwords to her attacker.
Yep, no
On 081018 at 20:30, Nelson B Bolyard wrote:
FF3 had utterly failed to convey to her any understanding that she was
under attack. The mere fact that the browser provided a way to override
the error was enough to convince her that the errors were not serious.
I find it amazing that someone
On 10/18/2008 11:22 AM, Nelson B Bolyard wrote [in part]:
Is removal of the ability to override bad certs the ONLY effective
protection for such users?
I visit some Web sites with self-signed certificates. None of those
sites request any input from me. The only reason they have site
David E. Ross:
I visit some Web sites with self-signed certificates. None of those
sites request any input from me. The only reason they have site
certificates is that the site owners want to show off how technically
astute they are. Hah! However, those sites do indeed contain
information
98 matches
Mail list logo