cacert-sysadm AT lists.cacert.org
Subject: CAcert System Admins discussion list
List archive
- From: Guillaume ROMAGNY <guillaume AT tiebogos.fr>
- To: Daniel Black <daniel AT cacert.org>, CAcert System Administrators <cacert-sysadm AT lists.cacert.org>
- Subject: Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key
- Date: Wed, 02 Jul 2008 12:03:02 +0200
- List-archive: <http://lists.cacert.org/pipermail/cacert-sysadm>
- List-id: CAcert System Admins discussion list <cacert-sysadm.lists.cacert.org>
- Openpgp: id=EB42B796
- Organization: Springfield Nuclear Power Plant HeadQuarters
Hi Daniel,
Daniel Black a écrit :
, why does it takes so long for the
administrative site to revoke a certificate - where access to the actual
machine is not even needed?
Though it has already been done I will ask why does it matter?
Apparently not, and now I have a fatal message from Firefox3 I bet the ocsp is working.
1 because confidential data can be intercepted? - no it was public data anyway
2 because MITM could intercept data? well yes but basic passive encrypted traffic analysis will show what was downloaded anyway.
3 because MITM could modify data ? well yes however is it likely?
So now the occasional user is going to get a CRL/OCSP warning and then?
a) accept anyway
b) download from http instead
c) not download
Impossible to bypass with FF3 AFAI see
--
Cordialement, Best regards,
Guillaume
Tiebogos (by L'Oreal), parce que je le 'veau' bien.
Vision without action is a daydream. Action without vision is a
nightmare. -- Japanese Proverb
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
- [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Christoph A., 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Teus Hagen, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Daniel Black, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Daniel Black, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Clement Herssens, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Daniel Black, 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Christoph A., 07/01/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Guillaume ROMAGNY, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Daniel Black, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Sam Johnston, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Guillaume ROMAGNY, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Sam Johnston, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Teus Hagen, 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Christoph A., 07/02/2008
- Re: [Cacert-sysadm] svn.cacert.org uses a compromised ssl key, Philipp Gühring, 07/06/2008
Archive powered by MHonArc 2.6.16.