Hi Richard!
On Fri, 09 Mar 2001 16:51:51 +0100 (CET), [EMAIL PROTECTED] (Richard Menedetter) wrote:
> Hi Samuel!
> 08 Mar 2001, "Samuel W. Heywood" <[EMAIL PROTECTED]> wrote:
> SH> would just crank up my WIN95 machine and use MSIE 3.02. I couldn't
> SH> even access the logon screen because of some stupid messages returned
> SH> by MSIE saying that the security certificates were not valid.
> yes ... the built in root-certs are outdated.
> but you can download new ones. (at least Netscape can)
> Why the **** are you using Internet Exploder ???????
I use Internet Explorer only when it is very important for me to find some
information on a web page that is JavaScript-infested and when the
information isn't readily available anywhere else except on the badly
designed web page.
I'm using Internet Explorer because that is what came with my computer
when I bought it new ca. 1996. At that time Bill Gates had total control
over all of the computer manufacturers were licensed to provide systems
with Windows. He didn't allow any of them to provide any non-Micro$oft
browsers in the computers they were marketing. Furthermore, the customers
were not even permitted the option of buying a computer without an operating
system installed if the computer manufacturer and the retail dealer were
licensed to provide Windows. You were not allowed to buy a new PC without
Windows from anyone except the black-market dealers. BTW, I personally feel
that when licensing laws result in such an oppressive situation, then the
the people should be encouraged to violate such laws. The only reason why
any freedom exists is that there have always been some good citizens who
have the courage to violate oppressive laws and to resist the authorities
who attempt to enforce them.
> SH> Then I called the technical support people who operate the online
> SH> banking service and I told them about my problem. They said that I
> SH> couldn't log on to my online banking site because their system uses
> SH> 128 bit encryption
> So what .... *_EVERY_* https site uses 128 bit encryption.
> Older clients have only 40 'real' random bits ... the rest is 0 out
> because of incredibly stupid and silly american regulations !!
> SH> and that the only program out there that can deal with it is
> SH> Internet Explorer 5.5.
> Netscape and propably Opera should work.
> The only situation where they will fail is if the site uses (radio) active
> X.
The situation failed because Internet Explorer would not allow me to view
the logon page because the list of security certificate validation
authorities is out of date. They told me I need to download and install
MSIE 5.5. I am telling you what they told me. I did not say that their
answer is correct.
> But if they do so I would REALLY fast be looking for another banking
> service !!!
> SH> I asked them if I could simply download a patch or a plugin to
> SH> update the listing of the security certificate validation
> SH> authorities.
> lie ... at least for Netscape
> (PS: You should be able to use even the outdated version ...
> if you explicitly tell IE that you trust the key that the server sends.)
What do I need to do to tell IE that I trust the key that the server sends,
and what do you suppose the chances are that my account information and my
password might be disclosed to an evil snoop or a criminal?
> SH> The correct answer of course is that Bill Gates is trying to
> SH> pull the wool over the eyes of the ignorant consumers.
> ?? not really ...
Yes, really. Abraham Lincoln is often quoted as having once said "You
can fool some of the people all of the time, and you can fool all of the
people some of the time, but you can't fool all of the people all of the
time."
> ssl is an open technology.
> look at GPL Projects like apache-ssl (working here on my own server),
> open-ssl ....
I have SSL with Lynx386. With Lynx386 I got to the https logon page. When
I submitted my logon Lynx386 returned an error message saying "Unsupported
URL scheme -- JavaScript!"
> The only problem is, if somebody is stupid enough to use active-x plugins.
> But these people really can't be helped ....
I have deactivated Active X on my browser. Therefore Active X has nothing
to do with my problem.
> (for those stuff java is really best suited ... and it's standardized, and
> there are JVMs for many OSs/Host-CPUs)
> (PS: In the time were USA regulation was even more stupid than now, my
> banking service used a Java Applet for those poor sould who used crippled
> us-export browsers.
> They used a tripple-DES algo implemented in Java over the weak 40 bit SSL
> link)
> SH> Can anyone here help me with discovering some more correct answers?
> what was the question ??
> How to access the site ??
Yes, of course that was the question.
> Install netscape 3, and ignore the message that the certs are outdated and
> need a roll-over.
Are you fairly sure that will work? If I do install NetScape 3 and fail to
get the results I am hoping for, will it be easy to uninstall? One thing I
really hate about Windows programs is that they are often so difficult to
uninstall unless you know about such things as editing the System Registry
and the INI files and such. I haven't got the time or the patience to learn
all of that because I rarely use Windows anyway.
> You can also try opera, or a newer 'more bloated' Netscape 4.7
> SH> Somewhere there ought to be a small dozeware utility to deal with my
> SH> problem.
> The problem is not the 128 bit encryption.
Yes, I know that is not the problem, but that is what the techies told
me was the problem. Even DOS Lynx386 can do 128 bit encryption. If it
were not for all the JavaScript I could get in with Lynx386.
> Your bank claims that you need IE. (5.5 is IMHO a lie ... any IE over 4
> should do it !!!)
> Either they use suicidal techniques like active-x. (LEAVE the service
> immediately)
> Or the simply don't want to support other browsers.
> I personally can access my online banking facility with netscape 3 if I
> tell it that I trust in the key the server sends.
> (it can't determine this for himself, because the cert of the CA, which
> signed the servers key is no longer valid)
> SH> One thing that would really be cool would be a setup where
> SH> I could log on with Lynx386 and then quickly switch over to MSIE 3.02
> SH> after the logon was accomplished.
> ??? why would this be cool ???
> SH> I don't know if it would be possible to do that. Does anyone here
> SH> know if you can run a DOS internet app while connected via of a
> SH> dialup winsock connection?
> there is IMHO a shareware winsock->PD shim.
Thanks for telling me about this one. I'll go look for it.
Regards,
Sam Heywood
-- See our Big Gizmotimetemp at
-- http://banners.wunderground.com/banner/gizmotimetempbig/US/VA/Mt_Jackson.gif
