Subject: Policy-Discussion
List archive
- From: Ian G <iang AT systemics.com>
- To: Policy-Discussion <cacert-policy AT lists.cacert.org>
- Subject: [CAcert-Policy] IE7 will see red on CACert
- Date: Fri, 28 Oct 2005 12:36:51 +0100
- List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
- List-id: Policy-Discussion <cacert-policy.lists.cacert.org>
- Organization: http://financialcryptography.com/
Some of you may have noticed that I trumpeted
Microsoft's security additions announced for
IE7.
https://www.financialcryptography.com/mt/archives/000585.html
The shame, the shame! Well, Daniel put me right
by pointing out:
"...this blog will be one hell to read, because
1. name mismatch between the https links and the certificate
2. no signature chain from a trusted root"
OK, so I should fix up the cert and now that the SSL v2
destruction programme is underway this might be worthwhile
(depending on whether the CACert VhostTaskForce has a good
recommendation as yet... http://wiki.cacert.org/wiki/VhostTaskForce ;)
But part "2. no signature chain from a trusted root"
is much more worrying. Now, users will see a big red
banner on IE7 for CACert certs.
What's to be done? Grumble? Badger Microsoft to adopt
the Petname concept and make the URL bar yellow then
green for accepted (trusted) ? Rework the website to
be all bright red, so red is not the colour of warning
but is the proud and brave CACert brand? Hack into M$
this weekend and insert the root into their list? They
won't notice... File a bug and get people to vote for
it? They probably won't notice that either...
Any thoughts?
iang
- [CAcert-Policy] IE7 will see red on CACert, Ian G, 10/28/2005
- Re: [CAcert-Policy] IE7 will see red on CACert, Evaldo Gardenali, 10/28/2005
Archive powered by MHonArc 2.6.16.