cacert-sysadm AT lists.cacert.org
Subject: CAcert System Admins discussion list
List archive
- From: Ian G <iang AT cacert.org>
- To: cacert-sysadm AT lists.cacert.org
- Cc: Philipp Guehring <philipp AT cacert.org>, Daniel Black <daniel AT cacert.org>, dieter.hennig AT id.ethz.ch, Mario Lipinski <mario AT cacert.org>
- Subject: Re: two possible MD5 hashed certificates in a chain
- Date: Wed, 13 Jan 2010 14:38:37 +0100
- Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT cacert.org; dkim-asp=none
On 13/01/2010 11:34, Philipp Guehring wrote:
Hi,
Is this good/better/bad/ugly and why?
I am using class3 certs. So just turning class 3 off just because of a
senseless desire of some people is not an option imho.
My suggestion is that we add some warning messages to the web-interface,
that tells the users about the problems with the class3 certificate and
discourages them to use it, (and to automatically use class1 instead of
class3) but to still allow class3 for those users that still need it.
Is this acceptable for everyone?
It sounds good to me. Indeed, it is a perceptional response to a perceptional issue, or to put it in americanisms, it is a low hanging fruit.
However, I am waiting to see if the users concerned (the two universities) are really prepared to use the Class 1.
iang
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
- Re: two possible MD5 hashed certificates in a chain, (continued)
- Re: two possible MD5 hashed certificates in a chain, Ian G, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Philipp Gühring, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Andreas Bürki, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Ian G, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Andreas Bürki, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Philipp Gühring, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Guillaume ROMAGNY - CAcert support, 01/12/2010
- Re: two possible MD5 hashed certificates in a chain, Daniel Black, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Mario Lipinski, 01/12/2010
- Re: two possible MD5 hashed certificates in a chain - dropping future class3 certificates (until NewRoots), Daniel Black, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain - dropping future class3 certificates (until NewRoots), Mario Lipinski, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Philipp Guehring, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Ian G, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Dieter Hennig, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Ian G, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Dieter Hennig, 01/13/2010
- Antwort: Re: two possible MD5 hashed certificates in a chain, roberto . mazzoni, 01/13/2010
- Re: Antwort: Re: two possible MD5 hashed certificates in a chain, Ian G, 01/13/2010
- Antwort: Re: Antwort: Re: two possible MD5 hashed certificates in a chain, roberto . mazzoni, 01/13/2010
- Re: Antwort: Re: Antwort: Re: two possible MD5 hashed certificates in a chain, Guillaume ROMAGNY, 01/13/2010
- Re: Antwort: Re: Antwort: Re: two possible MD5 hashed certificates in a chain, Dieter Hennig, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Roberto Mazzoni, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Guillaume ROMAGNY, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Dieter Hennig, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Ian G, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Dieter Hennig, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Ian G, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain - dropping future class3 certificates (until NewRoots), Daniel Black, 01/13/2010
- Re: two possible MD5 hashed certificates in a chain, Ian G, 01/13/2010
Archive powered by MHonArc 2.6.16.