Nodoka 0.7 beta 1 released
Máirín Duffy
duffy at redhat.com
Tue Jan 8 14:15:19 UTC 2008
Kevin Kofler wrote:
> Matthias Clasen <mclasen <at> redhat.com> writes:
>> Making it this annoying may be the only way to get some of the web sites
>> fixes. I'd certainly hope that it has this effect for the RH/Fedora
>> servers...
>
> "Get them fixed" as in "force them to shell out loads of money to the
> certificate cartels"... What security does this bring in practice? Consider
> that many phishing sites have valid (!) SSL certificates, whereas several
> legitimate sites have self-signed certificates.
>
> And no, I don't need a theory rehash about man-in-the-middle attacks, I know
> that valid certificates prevent these, but in practice MITM isn't what's used
> for real-world attacks, phishing-gangster-at-the-other-end is, and SSL
> certificates have shown highly vulnerable to these (because let's face it, the
> certificate cartels' real motivation is to make money, they'll do as few
> verifications of their clients as they'll get away with).
I had to look at the to: line on your email to confirm that it really
was sent to fedora-art-list.
Please, take this discussion off-list as it doesn't have much to do with
Fedora's artwork.
Thanks,
~m
More information about the Fedora-art-list
mailing list