> Hi Boaz, you can easily remove yourself using the web
> interface, as advertised in the footer:
Ah, but Firefox gives the warning "This Connection is Untrusted". Apparently
the issuer is unknown and it expired March 29, 2008. Maybe he doesn't
"Understand the Risks", specifically the suggestion "Don't add an exception
unless you know there's a good reason why this site doesn't use trusted
identification.". Now, this is a list of security people, so there can't be a
good reason why the site doesn't use trusted identification.
Although my sarcasm might not show it, I think expired/self-signed certs are
just fine (better than nothing), and that Firefox is overreacting. I'm just
pointing out that security is often a complex and difficult tradeoff.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
