CAcert System Admins discussion list

["Sam Johnston" <samj AT samj.net>]

Firefox error attached, for the archives... no complaints from Safari.

Sam

On Wed, Jul 2, 2008 at 12:03 PM, Guillaume ROMAGNY <guillaume AT tiebogos.fr> wrote:

Hi Daniel,

Daniel Black a écrit :

, why does it takes so long for the
administrative site to revoke a certificate - where access to the actual
machine is not even needed?

Though it has already been done I will ask why does it matter?

Apparently not, and now I have a fatal message from Firefox3 I bet the ocsp is working.

1 because confidential data can be intercepted? -  no it was public data anyway
2 because MITM could intercept data? well yes but basic passive encrypted traffic analysis will show what was downloaded anyway.
3 because MITM could modify data ? well yes however is it likely?

So now the occasional user is going to get a CRL/OCSP warning and then?
a) accept anyway
b) download from http instead
c) not download

Impossible to bypass with FF3 AFAI see

--
Cordialement, Best regards,

Guillaume
Tiebogos (by L'Oreal), parce que je le 'veau' bien.

Vision without action is a daydream. Action without vision is a
nightmare.  -- Japanese Proverb

_______________________________________________
CAcert-sysadm mailing list
CAcert-sysadm AT lists.cacert.org
https://lists.cacert.org/cgi-bin/mailman/listinfo/cacert-sysadm

Attachment: Picture 42.png
Description: PNG image