User: Password:
|
|
Subscribe / Log in / New account

Firefox security status

Firefox security status

Posted Jun 8, 2007 21:54 UTC (Fri) by ekj (guest, #1524)
In reply to: Firefox security status by hawk
Parent article: Firefox security status

Sure, a certificate signed by one of the CAs that say Firefox trusts by default indicates *something*. Nothing that is useful for deciding if you trust software delivered from that host though.

A Verisign-signed certificate for "foobar.org" shows that Verisign is convinced that the person who they at one time sent the certificate too is the same entity that owns foobar.org.

This helps very nearly not at all.

  • It doesn't tell you what policy foobar.org has for letting people host stuff on their https-server.
  • It doesn't tell you if foobar.org has been compromised and the files trojaned.
  • It doesn't tell you if the developers/owners/administrators of foobar.org are dependable or not.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds