Re: Buy official *.gnome.org SSL certificate?

From: Olav Vitters <olav bkor dhs org>
To: Benjamin Holmberg <benjamin holmberg gmail com>
Cc: gnome-sysadmin gnome org, gnome-infrastructure gnome org
Subject: Re: Buy official *.gnome.org SSL certificate?
Date: Sat, 12 May 2007 21:37:28 +0200

On Sat, May 12, 2007 at 02:34:16PM -0500, Benjamin Holmberg wrote:
>  Why not just self sign?

It doesn't avoid an attack. It would make sniffing much harder, but not
impossible. You just do a man in the middle attack with another self
signed certificate.

More importantly, IE7 will show a very big warning page for self signed
SSL sites. The default suggestion is to not visit the site. This is not
acceptable for Bugzilla (Mango perhaps.. except for translators using
it).

-- 
Regards,
Olav

References:
- Buy official *.gnome.org SSL certificate?
  - From: Olav Vitters
- Re: Buy official *.gnome.org SSL certificate?
  - From: Benjamin Holmberg

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]