iCab users will be interested in this reply I recieved from Alexander Clauss. This initially sounds like a good idea to me, but then I start wondering what would happen if a user unknowingly imported a false security certificate, and if this could happen. And, I wonder how the user will get the unknown information of legitimage new certificates, such as in the current example of the changed PayPal cerificates. I assume that these would be issued by iCab.
Are there any comments from the list members on this approach?
Evil potential, but necessary. The 'net is just not static; browsers have to be updatable on the fly. Certificates and Authorities come and go, and while they're around they sometimes screw things up. So browsers have to have the ability to override and/or fetch new certificates... Yes, there are all sorts of dangerous spoofing possibilities. Hopefully, Alexander will limit things so you can only fetch new certificates from known Authorities. If you want to permit a new Authority, you'll have to jump thru all sorts of confirmation dialogs and such...
Also, I have no idea of how this security certificate system works, and who makes them, who keeps them, who gives them to who to use on their browsers, when and why they are changed, etc.
Check VeriSign's web site. I think there's some how-this-works stuff there. Google is your friend.
- Dan.
-- G-List is sponsored by <http://lowendmac.com/> and...
Small Dog Electronics http://www.smalldog.com | Refurbished Drives | -- We have Apple Refurbished Monitors in stock! | & CDRWs on Sale! |
Support Low End Mac <http://lowendmac.com/lists/support.html>
G-List list info: <http://lowendmac.com/lists/g-list.shtml> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive: <http://www.mail-archive.com/g-list%40mail.maclaunch.com/>
Using a Mac? Free email & more at Applelinks! http://www.applelinks.com
