Stories
Slash Boxes
Comments

Slashdot

News for nerds, stuff that matters

Toggle left menu

Preferences

Stories

Book Reviews

Recent reviews from Slashdot readers:

Advanced Excel for Scientific Data Analysis Learn to turn Excel into something that rivals Mathematica using VBA, brains, and a heaping helping of fortitude.(Jack Herrington's review.)
Nagios 3 Enterprise Network Monitoring A great book for anyone using Nagios as more than a casual user.(jgoguen's review.)
Schneier on Security Schneier argues that security is not something you can buy; it is something you must get.(Ben Rothke's review.)

Submitting a review for consideration is easy; please first read Slashdot's book review guidelines. Updated: 2008114 by samzenpus

Comments: 1 +- Firefox SSL-certificate debate gets gnarly -> on Thursday August 21 2008, @05:47PM BobB-nw

Submitted by BobB-nw on Thursday August 21 2008, @05:47PM

mozilla

BobB-nw writes "Debate is reaching a fever pitch over a new security feature in Firefox 3.0 that throws out a warning page to users when a Web site's SSL certificate is expired or has not been issued by a trusted third party. Critics say that Firefox 3.0 is putting undue fear and confusion into everyday Web surfers, makes it difficult to set exceptions for certain Web sites, and is forcing Web site operators to do business with specific vendors of SSL certificates or risk the appearance that their Web sites are broken."
Link to Original Source

slashdot maybe submission

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Firefox SSL-certificate debate gets gnarly More

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Without JavaScript enabled, you might want to use the classic discussion system instead. If you login, you can remember this preference.

Firefox Extension for self-signed/expired certs (Score:1)

by danwent (667893)

Check out: http://www.cs.cmu.edu/~perspectives/ [cmu.edu] This is a research project at Carnegie Mellon. The idea is that "network notary" servers scattered across the Internet uses network probing to build a history of keys uses by a server. When a client receives a self-signed/expired cert, it can compare with the certs seen by the network notaries and see if that key is value, or the result of a man-in-the-middle attack.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Lay off the muses, it's a very tough dollar. -- S.J. Perelman

Slashdot

News for nerds, stuff that matters

Slashdot

Site Info

Stories

Book Reviews

Comments: 1 +- Firefox SSL-certificate debate gets gnarly -> on Thursday August 21 2008, @05:47PM BobB-nw

Firefox SSL-certificate debate gets gnarly 1 Comment More Login /

Please Log In to Continuex

Firefox Extension for self-signed/expired certs (Score:1)

Please Log In to Continuex

Close

Slashdot

News for nerds, stuff that matters

Slashdot { color: "", viewname: "stories", filter: "", name: "Main", id: 13 }

Site Info

Stories

Book Reviews

Comments: 1 +- Firefox SSL-certificate debate gets gnarly -> on Thursday August 21 2008, @05:47PM BobB-nw

Firefox SSL-certificate debate gets gnarly 1 Comment More Login /

Please Log In to Continuex

Firefox Extension for self-signed/expired certs (Score:1)

Please Log In to Continuex

Close

Slashdot