cacert-sysadm AT lists.cacert.org
Subject: CAcert System Admins discussion list
List archive
- From: Daniel Black <daniel AT cacert.org>
- To: cacert-sysadm AT lists.cacert.org
- Subject: Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key
- Date: Wed, 2 Jul 2008 19:34:45 +1000
- List-archive: <http://lists.cacert.org/pipermail/cacert-sysadm>
- List-id: CAcert System Admins discussion list <cacert-sysadm.lists.cacert.org>
- Organization: CACert
>, why does it takes so long for the
> administrative site to revoke a certificate - where access to the actual
> machine is not even needed?
Though it has already been done I will ask why does it matter?
1 because confidential data can be intercepted? - no it was public data
anyway
2 because MITM could intercept data? well yes but basic passive encrypted
traffic analysis will show what was downloaded anyway.
3 because MITM could modify data ? well yes however is it likely?
So now the occasional user is going to get a CRL/OCSP warning and then?
a) accept anyway
b) download from http instead
c) not download
So is someone going to go to the effort of 1a to
A) give you wrong information
B) put some content exploit on a document
Not likely!!
so apart from a bit of bad pr for cacert because of a lack of staffing and
missing once minor system/certificate what is the impact?
Sorry for talking a wildly apathetic approach to poor protection of public
data.
--
Daniel Black
(daniel AT cacert.org)
Email Administrator
Attachment:
signature.asc
Description: This is a digitally signed message part.
- [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Christoph A., 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Teus Hagen, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Daniel Black, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Daniel Black, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Clement Herssens, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Daniel Black, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Christoph A., 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Guillaume ROMAGNY, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Daniel Black, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Sam Johnston, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Guillaume ROMAGNY, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Sam Johnston, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Teus Hagen, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Christoph A., 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Philipp Gühring, 07/06/2008
Archive powered by MHonArc 2.6.16.