[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Lynx-dev] TLS-"transport layer security" & LYNX
|
From: |
Thorsten Glaser |
|
Subject: |
Re: [Lynx-dev] TLS-"transport layer security" & LYNX |
|
Date: |
Sun, 29 Jul 2018 22:12:09 +0000 (UTC) |
Mouse dixit:
>Because there is no technical difference between that and a cert for
>*.com or *.qc.ca: there is no way to tell, when presented with the
>cert, whether everything covered by it is under common administration.
Except the asterisk does not match a dot.
So *.com would be valid for example.com but not www.example.com.
CAs are a critical failure point anyway… I recall posting to this
list a suggestion that lynx could remember server certificates,
what others, a decade or so later, now call HPKP IIRC.
bye,
//mirabilos
--
Stéphane, I actually don’t block Googlemail, they’re just too utterly
stupid to successfully deliver to me (or anyone else using Greylisting
and not whitelisting their ranges). Same for a few other providers such
as Hotmail. Some spammers (Yahoo) I do block.
- Re: [Lynx-dev] TLS-"transport layer security" & LYNX, (continued)
- Re: [Lynx-dev] TLS-"transport layer security" & LYNX, David Niklas, 2018/07/28
- Re: [Lynx-dev] TLS-"transport layer security" & LYNX, Mouse, 2018/07/28
- Re: [Lynx-dev] TLS-"transport layer security" & LYNX, Thorsten Glaser, 2018/07/28
- Re: [Lynx-dev] TLS-"transport layer security" & LYNX, Mouse, 2018/07/28
- Re: [Lynx-dev] TLS-"transport layer security" & LYNX, Steffen Nurpmeso, 2018/07/28
- Re: [Lynx-dev] TLS-"transport layer security" & LYNX, Travis Siegel, 2018/07/28
- Re: [Lynx-dev] TLS-"transport layer security" & LYNX, David Woolley, 2018/07/28
- Re: [Lynx-dev] TLS-"transport layer security" & LYNX, Thorsten Glaser, 2018/07/28
Re: [Lynx-dev] TLS-"transport layer security" & LYNX, David Niklas, 2018/07/29