| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Mar 16 22:15:50 2006 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: HTTP AUTH BASIC monowall On Thu, 16 Mar 2006 16:48:40 EST, Brian Eaton said: > I started digging around on Geotrust's web site looking for their > policy on issuing certificates and stumbled across a FAQ on > high-assurance SSL certificates. This sounds like a step in the right > direction. Yes, that's a partial solution, for those clued enough to understand it... > http://www.geotrust.com/products/ssl_certificates/hassl_faq.asp Several of the CA's do similar things. And they're usually nice enough to use separate root certs for the various classes - so if you feel so inclined, keep their 'We sign high-assurance certs" CA listed, and heave the "the verification e-mail didn't bounce" CA over the side. ;) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060316/48bbda42/attachment.bin
Powered by blists - more mailing lists