Security Basics mailing list archives
Re: Certificate Authority Question
From: Shreyas Zare <shreyas () secfence com>
Date: Fri, 4 Jun 2010 21:02:07 +0530
Hi Craig, After all stupid those arguments from the other post (Checkpoint smart defance as IPS), you created this thread to clear things up! And, I agree to your point in current thread as, now for discussion, its a valid point. Its really a matter of concern for all as PKI is *the* thing which makes all e-Commerce possible. Finally, its about who you trust, everything is based on trust factor. Also, many governments *are* intercepting SSL/TLS already as they some how control CAs and there are wiretapping laws that allow them to do it legally. Regards, Shreyas Zare Sr. Information Security Researcher Secfence Technologies www.secfence.com On Fri, Jun 4, 2010 at 3:36 AM, Craig S. Wright <craig.wright () information-defense com> wrote:
Hello, Based on some of the post I have seen, I would like to ask how many people and organisations have removed untrusted CAs from their browsers. This is not trusted by the browser, but ones you can yourself have some confidence in? There are several MD2 and MD5 root certs within IE. How many people have deleted these from their browser? How many people on the list allow all default root CAs as trusted? How many have even thought about the consequences of leaving CNNIC and the Government CA's from South America as trusted? I would be interested to know as this is a security list. What occurs here should be more secure than for the average person. Regards, ... Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ... Information Defense Pty Ltd
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Checkpoint smart defance as IPS, (continued)
- Message not available
- Re: Checkpoint smart defance as IPS Shreyas Zare (Jun 07)
- RE: Checkpoint smart defance as IPS Craig S. Wright (Jun 07)
- Message not available
- Re: Checkpoint smart defance as IPS Shreyas Zare (Jun 07)
- Message not available
- Re: Checkpoint smart defance as IPS Shreyas Zare (Jun 07)
- RE: Checkpoint smart defance as IPS Craig S. Wright (Jun 07)
- RE: Checkpoint smart defance as IPS Craig S. Wright (Jun 07)
- RE: Checkpoint smart defance as IPS Craig S. Wright (Jun 07)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- RE: Checkpoint smart defance as IPS Craig S. Wright (Jun 09)
- RE: Checkpoint smart defance as IPS Craig S. Wright (Jun 03)
- Certificate Authority Question Craig S. Wright (Jun 03)
- Message not available
- Re: Certificate Authority Question Shreyas Zare (Jun 07)