Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Firewall best practices

From: "Bruce B. Platt" <bruce () ei3 com>
Date: Wed, 28 Apr 2010 14:17:54 -0400


lordchariot said in part:



... but can you imagine
if a nefarious CA got embedded into the browser?

Meh, it actually probably wouldn't make much difference anyway. Users are
just going to click OK anyway to bypass the warning...sigh.


...

Capture some packets when using IE when it finds a web site using a
certificate whose entire certification path is not included in the local
machine account's "Trusted Root Certification Authorities".  What happens is
both enlightening and frightening when this occurs with the wrong
certificate.

I chose not to elaborate on the consequences.  I share erik's "sigh".




-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: