Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 22 Dec 2014, 02:33
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Solution to the man in the middle and faked certificates?
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 09 Sep 2011, 05:25    Post_subject:  Solution to the man in the middle and faked certificates?
Sub_title: A suggestion from "Perspectiive Project"
 

A suggestion from "Perspectiive Project" to the man in the middle and faked certificates security problem?

http://perspectives-project.org/
Quote:

The root of the problem is that with the CA model, browsers blindly trust
a group of 600+ corporate and government parties (ref) to validate SSL certificates.
You as a web browser user have little or no choice about who to trust
and essentially no visibility into whether these organizations deserve your trust.

How Perspectives Helps

Perspectives takes a different approach to how the web browser determines if an SSL certificate is valid.
Instead of requiring browser users to trust an anointed group of certificate authorities,
Perspectives gives users the ability to pick a group they trust (e.g., the EFF, Google, their company, their university, their group of friends, etc.) and trust no one else.


I have not read the rest of the text. I doubt them do this for free so it maybe is only for companies and rich people?

But could not Linux as a body of caring people make their own list of trusted such certificates?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Fri 09 Sep 2011, 08:24    Post_subject:  

I've read around the internet but Iam a lousy reader.
Found a Swedish text most likely just translatedfrom idg news.
Maybe from PCWorld or something like that.

it says that Mozilla have updated the browser to help with comodo and Diginotar certificates. But commentators says one can do it manually in FireFox by going to Edit > Preferences > Advanced > Ecryption > View Certificates and there take away the comodo and the diginotar.

is that safe to do? Can anybody explain what I am supposed to do?

I edited the picture now you should be able to see two of thecompromised ones comodo and diginotar
certificates.jpg
 Description   comodo and diginotar. What am I supposed to do?
 Filesize   58.74 KB
 Viewed   211 Time(s)

certificates.jpg


_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0437s ][ Queries: 12 (0.0057s) ][ GZIP on ]