[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Another layer of security?
|
From: |
Giuseppe Scrivano |
|
Subject: |
Re: Another layer of security? |
|
Date: |
Sat, 30 Aug 2008 01:31:26 +0200 |
|
User-agent: |
Mozilla-Thunderbird 2.0.0.16 (X11/20080724) |
Hi Bruno,
>From what I understood it is an additional step when a self-signed
certificate is used, trying to validate it using public servers that
have almost the same function of CA with signed certificates.
I have many doubts about this software how be sure that the man in the
middle is not controlling the public server doing requests too?
If these public servers are keeping trace of fingerprints, then the
quality of this service depends from how many people are really using it
and how many certificates are already recorded on the public servers (by
the way, who can promise that what was recorded before is right?).
I didn't look at their paper, probably they explain better these simple
situations but in any case it looks like a weaker system than CA with
signed certificates and it shouldn't be trusted in the same way as the
certificate is never really validated by somebody.
Anyway, let's see how it will evolve :)
Regards,
Giuseppe
Bruno Miguel wrote:
> Hello.
>
> I just finished reading this article [1] in Linux Insider about a
> Firefox extension that adds another layer of security to the browser.
> After reading it, I'm starting to think that would be a good idea to
> include it in IceCat. Does the community consider this a good idea?
>
> Peace;
> Bruno Miguel
>
> [1] http://www.linuxinsider.com/story/64328.html
>
>
> --
> http://gnuzilla.gnu.org