Nodoka 0.7 beta 1 released

Máirín Duffy duffy at
Tue Jan 8 14:15:19 UTC 2008

Kevin Kofler wrote:
> Matthias Clasen <mclasen <at>> writes:
>> Making it this annoying may be the only way to get some of the web sites
>> fixes. I'd certainly hope that it has this effect for the RH/Fedora
>> servers...
> "Get them fixed" as in "force them to shell out loads of money to the 
> certificate cartels"... What security does this bring in practice? Consider 
> that many phishing sites have valid (!) SSL certificates, whereas several 
> legitimate sites have self-signed certificates.
> And no, I don't need a theory rehash about man-in-the-middle attacks, I know 
> that valid certificates prevent these, but in practice MITM isn't what's used 
> for real-world attacks, phishing-gangster-at-the-other-end is, and SSL 
> certificates have shown highly vulnerable to these (because let's face it, the 
> certificate cartels' real motivation is to make money, they'll do as few 
> verifications of their clients as they'll get away with).

I had to look at the to: line on your email to confirm that it really 
was sent to fedora-art-list.

Please, take this discussion off-list as it doesn't have much to do with 
Fedora's artwork.


More information about the Fedora-art-list mailing list