Nodoka 0.7 beta 1 released

Kevin Kofler kevin.kofler at
Tue Jan 8 06:34:16 UTC 2008

Matthias Clasen <mclasen <at>> writes:
> Making it this annoying may be the only way to get some of the web sites
> fixes. I'd certainly hope that it has this effect for the RH/Fedora
> servers...

"Get them fixed" as in "force them to shell out loads of money to the 
certificate cartels"... What security does this bring in practice? Consider 
that many phishing sites have valid (!) SSL certificates, whereas several 
legitimate sites have self-signed certificates.

And no, I don't need a theory rehash about man-in-the-middle attacks, I know 
that valid certificates prevent these, but in practice MITM isn't what's used 
for real-world attacks, phishing-gangster-at-the-other-end is, and SSL 
certificates have shown highly vulnerable to these (because let's face it, the 
certificate cartels' real motivation is to make money, they'll do as few 
verifications of their clients as they'll get away with).

        Kevin Kofler

More information about the Fedora-art-list mailing list