Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 16 Sep 2014, 00:56
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Solution to the man in the middle and faked certificates?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [2 Posts]  
Author Message
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 09 Sep 2011, 05:25    Post subject:  Solution to the man in the middle and faked certificates?
Subject description: A suggestion from "Perspectiive Project"
 

A suggestion from "Perspectiive Project" to the man in the middle and faked certificates security problem?

http://perspectives-project.org/
Quote:

The root of the problem is that with the CA model, browsers blindly trust
a group of 600+ corporate and government parties (ref) to validate SSL certificates.
You as a web browser user have little or no choice about who to trust
and essentially no visibility into whether these organizations deserve your trust.

How Perspectives Helps

Perspectives takes a different approach to how the web browser determines if an SSL certificate is valid.
Instead of requiring browser users to trust an anointed group of certificate authorities,
Perspectives gives users the ability to pick a group they trust (e.g., the EFF, Google, their company, their university, their group of friends, etc.) and trust no one else.


I have not read the rest of the text. I doubt them do this for free so it maybe is only for companies and rich people?

But could not Linux as a body of caring people make their own list of trusted such certificates?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 09 Sep 2011, 08:24    Post subject:  

I've read around the internet but Iam a lousy reader.
Found a Swedish text most likely just translatedfrom idg news.
Maybe from PCWorld or something like that.

it says that Mozilla have updated the browser to help with comodo and Diginotar certificates. But commentators says one can do it manually in FireFox by going to Edit > Preferences > Advanced > Ecryption > View Certificates and there take away the comodo and the diginotar.

is that safe to do? Can anybody explain what I am supposed to do?

I edited the picture now you should be able to see two of thecompromised ones comodo and diginotar
certificates.jpg
 Description   comodo and diginotar. What am I supposed to do?
 Filesize   58.74 KB
 Viewed   209 Time(s)

certificates.jpg


_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [2 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0444s ][ Queries: 12 (0.0073s) ][ GZIP on ]