Adam wrote:
> On Fri, Jul 12, 2002 at 11:18:12AM -0400, Trei, Peter wrote:
> A 'second hand' root key seems to have some
> trust issues
> | - the thing you are buying is the private half of a public key pair
> | but that's just a piece of information. How can you be
> sure that,
> | as p
On Fri, Jul 12, 2002 at 11:18:12AM -0400, Trei, Peter wrote:
| > I'd rather not state the exact figures. A search of SEC filings may or
| > may not turn up further details.
| >
| > > And who actually owns these numerous trusted roots?
| >
| > I am not sure I understand the question.
| >
| > --
> Lucky Green[SMTP:[EMAIL PROTECTED]]
>
>
> James wrote:
> > On 11 Jul 2002 at 1:22, Lucky Green wrote:
> > > "Trusted roots" have long been bought and sold on the
> > secondary market
> > > as any other commodity. For surprisingly low amounts, you
> > too can own
> > > a trusted root that c
and just to make sure there is a common understanding regarding SSL cert
operation ... the browser code
1) checks that the SSL server cert can be validated by ANY public key that
is in the browser preloaded list (I haven't verified whether they totally
ignore all of the "cert" part of these prelo
Thanks for the tip! I just got a new cert from Geotrust,
and it was such an amazing contrast to those I've gotten
from Verisign and Thawte! They apparently take the verification
info from the whois data on the site, and you really can do
the process from start to finish in 10 minutes or so.
The
--
On 11 Jul 2002 at 1:22, Lucky Green wrote:
> "Trusted roots" have long been bought and sold on the secondary
> market as any other commodity. For surprisingly low amounts, you
> too can own a trusted root that comes pre-installed in >95% of
> all web browsers deployed.
How much, typically
On 12 July 2002, Peter Gutmann <[EMAIL PROTECTED]> wrote:
> (However, I do think that anyone wanting to compromise your security will use
> this morning's MSIE hole to do it rather than buying a CA key. OTOH it'd be a
> great universal skeleton key for government agencies charged with protectin
>IE comes preloaded with about 34 root certificate authorities, and
>it is easy for the end user to add more, to add more in batches.
A colleague of mine just loaded a new root into IE, and pointed
out that when one does this, the new root is apparently BY DEFAULT
enabled for all purposes, includ
"Lucky Green" <[EMAIL PROTECTED]> writes:
>"Trusted roots" have long been bought and sold on the secondary market as any
>other commodity. For surprisingly low amounts, you too can own a trusted root
>that comes pre-installed in >95% of all web browsers deployed.
I'd heard stories of collapsed d
On Wed, 10 Jul 2002 [EMAIL PROTECTED] wrote:
> --
> On 6 Jul 2002 at 9:33, R. A. Hettinga wrote:
> > Thawte has now announced a round of major price increases. New
> > cert prices appear to have almost doubled, and renewals have
> > increased more than 50%. While Thawte proclaims this is the
[EMAIL PROTECTED] <[EMAIL PROTECTED]> was seen to declaim:
> IE comes preloaded with about 34 root certificate authorities, and
> it is easy for the end user to add more, to add more in batches.
> Anyone can coerce open SSL to generate any certificates he
> pleases, with some work.
> Why is not so
At 03:48 PM 7/10/2002 -0700, [EMAIL PROTECTED] wrote:
> --
>On 6 Jul 2002 at 9:33, R. A. Hettinga wrote:
> > Thawte has now announced a round of major price increases. New
> > cert prices appear to have almost doubled, and renewals have
> > increased more than 50%.
>[...]
>Why is not someone
--
On 6 Jul 2002 at 9:33, R. A. Hettinga wrote:
> Thawte has now announced a round of major price increases. New
> cert prices appear to have almost doubled, and renewals have
> increased more than 50%. While Thawte proclaims this is their
> first price increase in five years, this comes at a
13 matches
Mail list logo
