Re: Fedora home server using core 9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2008-09-02 at 23:06 +0930, Tim wrote:
> The average HTTPS website that "just works" for you has paid a lot of
> money to someone like Verisign to assert that they're who they claim
> to be

The irony is that if you read Versign's documentation, they don't
actually claim to guarantee this. They just go through some standardized
checking process involving external authorities such as notaries or
business registries. A sufficiently interested adversary can quite
easily register a company and get a certificate. If you don't recognize
the company using external information (e.g. it's called IBM or The New
York Times) you have no objective reason to trust it.

poc

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux