next »

[Tzu]

Also...who the Sith really IS this certification authority, anyway?  The all-powerful Verisign?  And who in the long list of open-source coders at Mozilla decide which certs are authorized?  Here's an interesting throught...are there certs that would be accepted by MSIE that are not trusted in Chrome and Opera?  Maybe some that Mozilla accepts that aren't trusted by Safari?  Or do they all just pull from one big list that Verisign puts out and trust it?  The whole process seems fishy to me.

http://en.wikipedia.org/wiki/Certificate_authority#Providers

So Verisign (and a couple others) control the internet.  Awesome.  lol

What the fuck happened in here?

A conversation?

[Deusstyles]

What the fuck happened in here?

I have no idea, I just posted a plug in that helps prevent MiTM attacks.

[Deusstyles]

So I read some of this, and yeah basically RA's suck ass. I like this service because I can use 4 different off site servers to verify that the site I'm connecting to is the right server. Two could do DNSSEC and two could do certificates for example. Further more I don't have to report my browser traffic to a third party every time I go to a site because I store the settings I received from the notaries on my computer and only check back with them if the server information changes.

The one down side is that some sites don't work because they have multiple servers have separate certificates (from different RAs sometimes, Chase had 3 different certs from 3 different RAs on each server that myself and the two default notaries). Citibank, Google+, and Chase are the only sites I've seen that have had this problem though so it's not wide spread. To me that's more of a problem with InfoSec departments not knowing how to export a fucking key... That's just my opinion though.