[ioquake3] ff3 vs bugzilla
arny at ats.s.bawue.de
Thu May 29 01:47:14 PDT 2008
Can anyone here give me any valid reason, why I should trust the plethora of
certification authorities, that come with the openssl cert bundle installed
with the browser?
On Donnerstag, 29. Mai 2008, monk at rq3.com wrote:
> and I think they have to be renewed yearly. Blah!
And why this is a good thing can be seen with the latest openssl fuckup.
Someone who was quick enough already generated a valid "signed" OpenSSL cert
for akamai that will get accepted by any browser :-)
And then there's this bank whose certificate only expires after 3 years:
That means, all certificates for this bank are practically worthless for as
long as the old certificate is still valid.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part.
More information about the ioquake3