Hello Vilius,
Tuesday, April 19, 2011, 12:53:03 AM, you wrote:
JS>>> That's weird - it certainly worked for me (I recently switched to
JS>>> StartSSL for our mail server's certificate, and TB didn't know this
JS>>> CA, so I added their certificate).
>> I found out that the cert is wrong. It's in
Sveiki,
Monday, April 18, 2011, 6:23:01 PM, you wrote:
> Hello Jernej,
> On Fri, 8 Apr 2011 18:41:31 +0200 GMT (08/Apr/11, 23:41 PM +0700 GMT),
> Jernej Simončič wrote:
>>> I think I mentioned it before: I added this somehow with the result
>>> that no messages could be sent anymore. I had to g
Hello Jernej,
On Fri, 8 Apr 2011 18:41:31 +0200 GMT (08/Apr/11, 23:41 PM +0700 GMT),
Jernej Simončič wrote:
>> I think I mentioned it before: I added this somehow with the result
>> that no messages could be sent anymore. I had to go through the cert
>> list in TB! and delete the one in question.
Sveiki,
Friday, April 8, 2011, 8:08:14 PM, you wrote:
> Hi Jernej,
>> It isn't - but it's not any worse than using an unencrypted
>> connection.
> OK, but what to do if the other side does not wish to install some encryption?
> I had to delete mine, because no one of the people I'm exchanging
On Friday, April 8, 2011, 19:08:14, Gunivortus Goos wrote:
> OK, but what to do if the other side does not wish to install some encryption?
We're not talking about PGP/GPG/S-MIME here - we're talking about
encrypted connection between your client and POP3/IMAP/SMTP server
(which primarily ensures
Hi Jernej,
> It isn't - but it's not any worse than using an unencrypted
> connection.
OK, but what to do if the other side does not wish to install some encryption?
I had to delete mine, because no one of the people I'm exchanging mail with,
has de/encryption. The answers I get the most if aski
On Thursday, April 7, 2011, 18:30:02, Thomas Fernandez wrote:
> Thanks for correcting me. In fact, I don't sign certificates, my
> university does and I only click "OK" each time. Doing that regularly
> without knowing whether the certificate is really OK, might not be
> within the philosophy of u
On Thursday, April 7, 2011, 18:33:07, Thomas Fernandez wrote:
> I think I mentioned it before: I added this somehow with the result
> that no messages could be sent anymore. I had to go through the cert
> list in TB! and delete the one in question. The result was that I get
> asked every time and
Hello Jernej,
On Wed, 6 Apr 2011 19:58:22 +0200 GMT (07/Apr/11, 0:58 AM +0700 GMT),
Jernej Simončič wrote:
>> I would join the request for the possibility to store an exception
>> for an otherwise invalid certificate just as I can (for example) in
>> Firefox...
JS> Just import it in Trusted Roo
Hello Jernej,
On Wed, 6 Apr 2011 20:04:16 +0200 GMT (07/Apr/11, 1:04 AM +0700 GMT),
Jernej Simončič wrote:
>> You are right, it does not add security.
JS> Wrong - your own certificates are the only ones you can actually trust
JS> (assuming you don't let the private key escape), so they're more
J
Hi Simon,
> 1.- Certify endpoints. For this there must be an unbroken certificate
> chain from a trusted CA down through 0 or more intermediate
> certificates to the end certificate that is being used. For this
> purpose Vilius is right, self-signed certificates are no use.
Why would that be?
F
On Wednesday, April 6, 2011, 19:21:03, Simon Martin wrote:
> 1.- Certify endpoints. For this there must be an unbroken certificate
> chain from a trusted CA down through 0 or more intermediate
> certificates to the end certificate that is being used. For this
> purpose Vilius is right, self-signed
On Wednesday, April 6, 2011, 16:19:10, Thomas Fernandez wrote:
> You are right, it does not add security.
Wrong - your own certificates are the only ones you can actually trust
(assuming you don't let the private key escape), so they're more
trustworthy than certificates signed by 3rd party CAs.
On Wednesday, April 6, 2011, 16:21:35, Vilius Šumskas wrote:
> And I would join opposing side, that it would make The Bat! for average user
> less safe.
No, it wouldn't (besides, it's already supported). Not just that, but
if you want to be really safe, you'll delete every CA that's installed
by
On Wednesday, April 6, 2011, 14:41:53, Viktor Kabelac wrote:
> I would join the request for the possibility to store an exception
> for an otherwise invalid certificate just as I can (for example) in Firefox...
Just import it in Trusted Root CA in Address book, and it'll work.
--
< Jernej Simon
Sveiki,
Wednesday, April 6, 2011, 8:56:31 PM, you wrote:
> This is what the confirmation dialog does. It says "I have this
> certificate that I don't trust, do you trust it?" and also gives the
> details for the certificate. This means that the user has the control
> to decide whether or not to t
Sveiki,
Wednesday, April 6, 2011, 8:21:03 PM, you wrote:
> Hi Vilius et al,
> Wednesday, April 6, 2011, 12:00:16 PM, you wrote:
>>> > You can do this by using standard plain text connection method.
>>> That is hard to do if the server, for example, only supports SSL
>>> connections (as is commo
Title: Re: TLS + Self Signed Certificate
I have the same problem, in v4 I could add my cert to trusted, now this button is inactive, this will be changed in next release or should I buy new cert?
regards
ML
Wednesday, April 6, 2011, 6:18:49 PM, you wrote:
>> I'm not sure why you
> I'm not sure why you think this is "a common practice". Sure it was the
> case like 5 years ago, but now every major webmail provider, bigger
Only "SSL only" was meant to be common practice - not the self-signed
certificates. Did I express myself this unclearly?
> companies and even universities
Hello Vilius,
On Wed, 6 Apr 2011 18:54:50 +0300 GMT (06/Apr/11, 22:54 PM +0700 GMT),
Vilius Šumskas wrote:
>> >> VŠ> What's the point to accept and store self-signed certificate
>> >> VŠ> anyway? It ads zero security.
>> >>
>> >> You are right, it does not add security. However, it adds
>> >> con
> > You can do this by using standard plain text connection method.
> That is hard to do if the server, for example, only supports SSL
> connections (as is common practice today) and uses self-signed certs for
> that - and as such just as good as advising someone, who complains that
> a car lets hi
> >> VŠ> What's the point to accept and store self-signed certificate
> >> VŠ> anyway? It ads zero security.
> >>
> >> You are right, it does not add security. However, it adds
> >> convenience.
>
> VŠ> Convenience? How?
>
> Byu not having to click OK to accept the cert each time I send a
> messa
Hello Vilius,
On Wed, 6 Apr 2011 18:07:15 +0300 GMT (06/Apr/11, 22:07 PM +0700 GMT),
Vilius Šumskas wrote:
>> VŠ> What's the point to accept and store self-signed certificate
>> VŠ> anyway? It ads zero security.
>>
>> You are right, it does not add security. However, it adds
>> convenience.
VŠ>
> You can do this by using standard plain text connection method.
That is hard to do if the server, for example, only supports SSL
connections (as is common practice today) and uses self-signed certs for
that - and as such just as good as advising someone, who complains that
a car lets him put in d
> Hello Vilius,
>
> On Wed, 6 Apr 2011 17:10:29 +0300 GMT (06/Apr/11, 21:10 PM +0700 GMT),
> Vilius Šumskas wrote:
>
> VŠ> What's the point to accept and store self-signed certificate
> VŠ> anyway? It ads zero security.
>
> You are right, it does not add security. However, it adds
> convenience.
Hello Vilius,
On Wed, 6 Apr 2011 17:10:29 +0300 GMT (06/Apr/11, 21:10 PM +0700 GMT),
Vilius Šumskas wrote:
VŠ> What's the point to accept and store self-signed certificate
VŠ> anyway? It ads zero security.
You are right, it does not add security. However, it adds
convenience.
VŠ> This was discu
Hello Viktor,
On Wed, 6 Apr 2011 14:41:53 +0200 GMT (06/Apr/11, 19:41 PM +0700 GMT),
Viktor Kabelac wrote:
VK> I would join the request for the possibility to store an
VK> exception for an otherwise invalid certificate just as I can (for
VK> example) in Firefox...having had the same problem in th
>> how is that supposed to be helping the original poster?
>> I believe he was asking for a possibility to explicitly mark a certificate
>> as trusted locally. To my knowledge Thawte & alia can only issue him an
>> official one, >> which is not really what he was aiming for.
I don't know that.
Hi Vilius,
> What's the point to accept and store self-signed certificate
> anyway?
It's a required function.
End of story. It's as simple as that.
--
Mit freundlichen Grüßen
Alto Speckhardt
mailto:alto.speckha...@gmx.de
Current bet
Title: Re: TLS + Self Signed Certificate
Hello Vilius,
how is that supposed to be helping the original poster?
I believe he was asking for a possibility to explicitly mark a certificate as trusted locally. To my knowledge Thawte & alia can only issue him an official one, which is not re
Hello Simon,
> I am using the internal S/MIME and TLS implementation.
Is there a reason for that?
> Is there anywhere I can register my certificate to avoid these errors?
If you used the standard Windows mechanism, all you have to do is
import the root-certificate (the one that had been used
On Wednesday, April 6, 2011, 15:04:30, Simon Martin wrote:
> I host my own mail server (Courier). Being the cheapskate that I
> am, I use a self signed certificate for TLS/SSL connections. I am
> using the internal S/MIME and TLS implementation.
http://www.startssl.com/ offers free SSL certifica
Hello,
Search for VeriSign, Thawte, Comodo.
--
Vilius
From: tbbeta-boun...@thebat.dutaint.com
[mailto:tbbeta-boun...@thebat.dutaint.com] On Behalf Of Simon Martin
Sent: 2011 m. balandžio 6 d. 16:05
To: tbbeta@thebat.dutaint.com
Subject: TLS + Self Signed Certificate
Hi all,
I
33 matches
Mail list logo
