Duane <[EMAIL PROTECTED]> writes: >Peter Gutmann wrote:
>> You may as well name 'em since it's fairly well known, it's Verisign (yes, >> the >Actually another one, so that makes 2 of them (at least)... I've had several pieces of mail asking for clarification of my original statement about Verisign, here's how to see this yourself: 1. Disable SSLv2 in your browser (i.e. take it to the state that it should have been shipped in in the first place). 2. Go to https://www.networksolutions.com/ With Mozilla I get an error to say that I can't connect because SSLv2 is disabled. With MSIE it just hangs forever trying to connect, with no indication of what's wrong ("Thank Bill kids. Thaaaaanks, Bill"). I can't remember any more which banking sites had problems with the same thing, it was last year some time, but the Verisign/NS issue is fairly well known (at least among SSL'ers) and they don't seem interested in fixing it. Peter. _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security