Just looked at this:
https://letsencrypt.org/howitworks/technology/
The EFF's new CA to make things cheap and easy for
installing certs. I like the goal.
What I do not get from the description is how they
really verify that I legitimately own the site. If
I should manage to reroute some traffic
Maybe it requires DNSSEC?
But if you can hijack the DNS request between wherever their servers are
coming from, then there are much larger issues at play that you need to
address.
-Andrew
On Wed, Nov 19, 2014 at 10:13 AM, Richard Brooks r...@g.clemson.edu wrote:
Just looked at this:
Scusa, Giovanni...
On Tue, Nov 18, 2014 at 10:38:41AM +0100, Giovanni Pellerano wrote:
As Facebook has recently opened its own onion site [3], we’ve been
coordinating this release with Alec Muffett from Facebook in order to
block access to Facebook by means of the Tor2web proxy. Because
Sorry for answering my own question, but I hope it's interesting.
On Wed, Nov 19, 2014 at 05:14:48PM +0100, carlo von lynX wrote:
It is non-obvious to me how accessing FB over T2W would be hurting users.
If tor2web hands the TLS negotiation through from the web browser to the
Facebook backend,
From: Samantha Neuber sneu...@stanford.edu David Kay
dka...@stanford.edu
Interested in virtual reality or animal welfare?
Stop by White Plaza between 10 am and 3 pm this Thursday, November 20th to
experience an innovative new virtual reality experience: I, Chicken. Using
VR equipment,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hopefully you've seen the developing description of the protocol here:
https://github.com/letsencrypt/acme-spec/blob/master/draft-barnes-acme.md
That sounds like it will soon make its way into IETF for a broader
discussion. I don't see an explicit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
My question boils down to:
DNS (not DNSSEC) is unauthenticated, and a number
of spoofing, poisoning attacks have been shown. One
of the goals of the certs is to authenticate the
other end of the communications, but I get the
impression that this
On 19 November 2014 09:13, Richard Brooks r...@g.clemson.edu wrote:
Just looked at this:
https://letsencrypt.org/howitworks/technology/
The EFF's new CA to make things cheap and easy for
installing certs. I like the goal.
What I do not get from the description is how they
really verify
On Wed, Nov 19, 2014 at 3:13 PM, Richard Brooks r...@g.clemson.edu wrote:
Just looked at this:
https://letsencrypt.org/howitworks/technology/
The EFF's new CA to make things cheap and easy for
installing certs. I like the goal.
What I do not get from the description is how they
really
You realize this is the same thing that the entire CA system currently uses and
the purpose of the project is not to “fix” the CA system, right? This aspect
isn’t any weaker than what people already do (if you’ve ever bought an SSL
cert). They aren’t trying to address any DNS issues and making
On Wed, Nov 19, 2014 at 3:13 PM, Richard Brooks r...@g.clemson.edu wrote:
Just looked at this:
https://letsencrypt.org/howitworks/technology/
The EFF's new CA to make things cheap and easy for
installing certs. I like the goal.
What I do not get from the description is how they
really
See below for details about a rally tomorrow in SF for network neutrality,
supported in part by EFF.
-- Forwarded message --
From: April Glaser ap...@eff.org
Date: Tue, Nov 18, 2014 at 1:14 PM
Subject: [Funlist] Thursday 11/20: People's Hearing and Rally at SF City
Hall
To:
12 matches
Mail list logo
