SSL certificates and MD5 collisions
Posted Jan 17, 2009 19:55 UTC (Sat) by bronson (subscriber, #4806)
Of course, the SSH warning has been shown to be fairly ineffective in the real world. And that's with sysadmins who should know better! What about regular people? When presented a dialog box saying "The certificate for Chase Bailout Bank has changed! Do you want to continue?" I would guess that 99 out of 100 of them would simply click "Yes."
But, I agree, it wouldn't hurt.
Posted Jan 20, 2009 9:33 UTC (Tue) by HenrikH (subscriber, #31152)
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds