Re: Improper SSL certificate issuing by CAs

2010-04-02 Thread Jean-Marc Desperrier
Kurt Seifried wrote: Is this another 1st of April joke? At least your timing is a bit > questionable;-) No this is not an April fools joke. The PDF at Linux Magazine is what will be in the print copy (due out in 3 weeks I believe) Kurt, the best group for sending this and also to continue the

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Mountie Lee
for the information. Verisign OnSite service is allowing sub-CA for corporate. The corporate operator is able to request issuing SSL certificate for their server from VERISIGN ROOT CA. And Verisign root CA automatically issues the certificate by the request of company. I think this is one of the

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Michael Ströder
Eddy Nigg wrote: > On 04/01/2010 02:40 PM, Michael Ströder: >> You could also spend ~5000 EUR and have your own corporate sub-CA issuing >> certs for whatever DNS name you want. > > Which doesn't imply that no domain control validation is performed. Of course everything is covered by contracts.

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Eddy Nigg
On 04/01/2010 02:40 PM, Michael Ströder: You could also spend ~5000 EUR and have your own corporate sub-CA issuing certs for whatever DNS name you want. Which doesn't imply that no domain control validation is performed. -- Regards Signer: Eddy Nigg, StartCom Ltd. XMPP:start...@start

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Michael Ströder
Kurt Seifried wrote: >> Is this another 1st of April joke? At least your timing is a bit >> questionable ;-) > > No this is not an April fools joke. The PDF at Linux Magazine is what > will be in the print copy (due out in 3 weeks I believe). The reality > is you can trivially buy SSL certificates

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Eddy Nigg
On 04/01/2010 01:42 PM, Kurt Seifried: Is this another 1st of April joke? At least your timing is a bit questionable ;-) No this is not an April fools joke. The PDF at Linux Magazine is what will be in the print copy (due out in 3 weeks I believe). The reality is you can trivially buy SSL

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Kurt Seifried
> Is this another 1st of April joke? At least your timing is a bit > questionable ;-) No this is not an April fools joke. The PDF at Linux Magazine is what will be in the print copy (due out in 3 weeks I believe). The reality is you can trivially buy SSL certificates for websites you don't control

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Eddy Nigg
On 04/01/2010 10:35 AM, ssladministra...@portugalmail.pt: Kurt Seifried here: So I picked a webmail provider at random (sorry portugalmail.pt!) and filled in the account form, taking ssladministrator as the email name. Using this I was then able to buy a secure web certificate for portugalmai

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Eddy Nigg
On 04/01/2010 10:35 AM, ssladministra...@portugalmail.pt: Kurt Seifried here: So I picked a webmail provider at random (sorry portugalmail.pt!) and filled in the account form, taking ssladministrator as the email name. Using this I was then able to buy a secure web certificate for portugalmai

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Eddy Nigg (StartCom Ltd.)
Hi Kurt, Terrific! What's your next step now? Where do you intend to publish it? PS. I know a real person whose name is Marco Polo ;-) Regards Signer: Eddy Nigg, COO/CTO StartCom Ltd. XMPP: start...@startcom.org Blog: Join the Revolution!

Re: Improper SSL certificate issuing by CAs

2010-04-01 Thread Reed Loden
On Thu, 01 Apr 2010 08:35:28 +0100 ssladministra...@portugalmail.pt wrote: > Kurt Seifried here: > > So I picked a webmail provider at random (sorry portugalmail.pt!) and > filled in the account form, taking ssladministrator as the email name. > Using this I was then able to buy a secure web

Improper SSL certificate issuing by CAs

2010-04-01 Thread ssladministrator
Kurt Seifried here: So I picked a webmail provider at random (sorry portugalmail.pt!) and filled in the account form, taking ssladministrator as the email name. Using this I was then able to buy a secure web certificate for portugalmail.pt since the verification process is so weak. Here are