Hi,
Yes, with the second operation offline and validating against the NSS
root store. I don't have a MS one at the moment, it would be interesting
(how do you extract that from Win? The EFF guys should know)
You might look at https://www.eff.org/files/ssl-observatory-code-r1.tar_.bz2
in
announcing Tahoe-LAFS v1.8.3, fixing a security issue
Dear People of the cryptography@randombit.net mailing list:
We found a vulnerability in Tahoe-LAFS (all versions from v1.3.0 to v1.8.2
inclusive) that might allow an attacker to delete files. This vulnerability
does not enable anyone to read
Hi,
Well, yes, but it is the Alexa Top 1 million list that is scanned. I can
give you a few numbers for the Top 1K or so, too, but it does remain a
relative popularity.
How many of those sites ever advertise an HTTPS end-point though?
Maybe users are extremely unlikely to ever see a link,
http://rdist.root.org/2011/09/13/the-magic-inside-bunnies-new-netv/
A year ago, what was probably the most important Pastebin posting ever was
released by an anonymous hacker. The HDCP master key gave the ability for
anyone to derive the keys protecting the link between DVD players and TVs.
I recently caught up with the rest of you and saw Moxie's Convergence
presentation [on youtube]. I truly hesitate to post here; there have
been so many long posts, that any additional ones are likely to result
in tl;dr.
I believe Convergence is... just another PKI, or set of PKIs, with
some
On Sep 13, 2011, at 7:14 PM, Ralph Holz wrote:
Hi,
HTTPS Everywhere makes users encounter this situation more than they
otherwise might.
A week or three ago, I got cert warnings - from gmail's page. (Yes, I'm
using HTTPS Everywhere).
When _that_ happens, please tell Google and EFF.
Arshad Noor writes:
I'm not sure I understand why it would be helpful to know all (or any)
intermediate CA ahead of time. If you trust the self-signed Root CA,
then, by definition, you've decided to trust everything that CA (and
subordinate CA) issues, with the exception of revoked
*not* nitpicking...
...as Peter Biddle points out, trust isn't transitive.
as an engineer, I feel compelled to add that security is not
composable, either (joining two secure systems does not necessarily
result in a secure composite)
*not* nitpicking.
--dan
On 09/14/2011 09:34 PM, Arshad Noor wrote:
On 9/14/2011 2:52 PM, Seth David Schoen wrote:
Arshad Noor writes:
I'm not sure I understand why it would be helpful to know all (or any)
intermediate CA ahead of time. If you trust the self-signed Root CA,
then, by definition, you've decided to