Re: SSL is broken on FreeBSD
--NzB8fVQJ5HfG6fxh
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Apr 01, 2011 at 10:24:35PM +0100, Istv=E1n wrote:
> > You're probably not aware (owing to your arrogance) that at least some =
of
> > the CAs which ship as part of the Mozilla bundle have been known to iss=
ue
> > fraudulent certificates in the past, even the past few weeks.
> >
>=20
> once there was a remote root in freebsd kernel, so I have just stopped us=
ing
> it
>=20
> (sometimes I wish I did....)
It is worth noting that there is a difference between, on one hand, using
software and discovering a bug exists in it that may not even have
possibly affected you -- and, on the other, taking some faceless third
party's assurances on issues of cryptographic trust and discovering that
refusing to take responsibility for your own decisions about trust has
placed your security at the mercy of untrustworthy people.
--=20
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
--NzB8fVQJ5HfG6fxh
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)
iEYEARECAAYFAk2WWaYACgkQ9mn/Pj01uKXk1ACeKTzXSK1iPX+DyYKdfdSK/r/7
N3IAoLUgy8otzdSIN5sDQY2Yp3z5bWs9
=HgSa
-----END PGP SIGNATURE-----
--NzB8fVQJ5HfG6fxh--
討論串 (同標題文章)
完整討論串 (本文為第 22 之 42 篇):