You just connected to your online banking site, and up comes the little
lock showing the link is encrypted, secure, and can't be listened in on,
right? WRONG!!
With the intercept and gag laws in the US as they are, Verisign or any
other certificate authority can be compelled to issue duplicate
certificates. Add to this the fact that browsers don't warn about
fingerprints on certificates changing, and you have a security nightmare
waiting to happen. Then of course the little issue of Verisign
controlling/redirecting DNS via proxy servers, and being one of the
largest commercial providers of snoop services to the US government,
doesn't even begin to come into it.
And before you say Mozilla software is so much more secure and they'd
be willing to listen: Mozilla developers have given me a wall of silence
on their newsgroups when the topic comes up, and when I filed a bug
report, it was hastily marked as invalid.
http://blog.cacert.org/2005/05/43.html
http://bugzilla.mozilla.org/show_bug.cgi?id=294730
--
Best regards,
Duane
http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://happysnapper.com.au - Sell your photos over the net!
http://e164.org - Using Enum.164 to interconnect asterisk servers
"I do not try to dance better than anyone else.
I only try to dance better than myself."
_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security