Kevin Kofler wrote:
Matthias Clasen <mclasen <at> redhat.com> writes:
Making it this annoying may be the only way to get some of the web sites
fixes. I'd certainly hope that it has this effect for the RH/Fedora
servers...
"Get them fixed" as in "force them to shell out loads of money to the
certificate cartels"... What security does this bring in practice? Consider
that many phishing sites have valid (!) SSL certificates, whereas several
legitimate sites have self-signed certificates.
And no, I don't need a theory rehash about man-in-the-middle attacks, I know
that valid certificates prevent these, but in practice MITM isn't what's used
for real-world attacks, phishing-gangster-at-the-other-end is, and SSL
certificates have shown highly vulnerable to these (because let's face it, the
certificate cartels' real motivation is to make money, they'll do as few
verifications of their clients as they'll get away with).
I had to look at the to: line on your email to confirm that it really
was sent to fedora-art-list.
Please, take this discussion off-list as it doesn't have much to do with
Fedora's artwork.
Thanks,
~m
_______________________________________________
Fedora-art-list mailing list
Fedora-art-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-art-list
