Alan Altmark wrote:
On Friday, 05/23/2008 at 08:24 EDT, Rob van der Heij <[EMAIL PROTECTED]>
wrote:
Sure, context. If you sit in the broom closet and just show your
hand-written driver license to yourself to practice the movements or
rituals, sure...   Useful when you want to learn things or do
experiments.

I know of at least one CA that provides *free* certificates (that
expire in a month) for experimenting. That might be more appropriate
than training folks to click "Yes" to accept self-signed certificates.
Wonder what they will do when you present them a new CA to import into
their browser...

<peeve type=pet>
I agree with Rob on this.  The problem isn't technical, it's
psychological.  It is my personal opinion that, as IT professionals who
have a *choice*, we should not make choices that promote this form of
social engineering.  It's like making the choice to recycle/reduce/reuse:
You can't change the world, but you can change your corner of it.

If you're the only one who will use the self-signed cert, then, as Rob
says, it's a very useful tool.  But the instant you involve someone else,
you put *them* at risk.  Not with your sincere, well-intentioned,
self-signed cert, but with a Black Hat's cert out on the web.

I will not do online business with a company that has a certificate that is
a) Self-signed
b) Not for the server I'm talking to

Thomas isn't talking about online business, he's talking about a system
in a broom cupboard where he's the only identified user.





--

Cheers
John

-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)
