The EFF has put up a new page for a project which it calls the SSL observatory. They have spent months collecting information about SSL certificates across the net; as one might expect, they have found some interesting things.
Read more »The EFF SSL Observatory
http://lwn.net –
Category: Industry Tags:
- Login to post comments
GNUzilla and IceCat toward a self-signed certificate behavior
http://lists.gnu.org –
"I recently made a blog post complaining about the behavior in Firefox 3 [...] After that post got Slashdotted, I got an email from Giuseppe Scrivano saying that he was interested in implementing better certificate behavior in IceCat. The question is this: What is the optimal certificate handling behavior for a web browser? ..."
Read more »
Category: High End Tags:
- Login to post comments
Mozilla SSL policy bad for the Web
http://pandion.ferrus.net –
"Mozilla Firefox 3 limits usable encrypted (SSL) web sites to those who are willing to pay money to one of their approved digital certificate vendors. This policy is bad for the web. Not only does it make users less secure overall by reducing the number of encrypted connections, it damages the basic principle of equality among web participants..."
Read more »Category: Community Tags:
- Login to post comments
Firefox 3 improves handling of invalid SSL certificates
http://blog.ivanristic.com –
I have downloaded the beta of Firefox 3 to check out the improvements related to SSL. First, there's the added support for Extended Validation SSL certificates, but I am not very excited about that (I wrote about this previously in Extended Validation SSL certificates not going anywhere, as predicted).
Read more »
Category: Community Tags:
- Login to post comments
