"Workstation" Product defaults to wide-open firewall
Reindl Harald
h.reindl at thelounge.net
Tue Dec 9 21:00:28 UTC 2014
Am 09.12.2014 um 21:47 schrieb Bruno Wolff III:
> On Tue, Dec 09, 2014 at 20:35:35 +0100,
> Reindl Harald <h.reindl at thelounge.net> wrote:
>>
>> Am 09.12.2014 um 20:20 schrieb Bruno Wolff III:
>>>
>>> There should be a way to disable FF's you need to click twice to accept
>>> certs that are not signed by authorities it recognizes.
>>
>> why?
>
> Because I have no trust in any of the cert authorities
me too
> but want to have encrypted sessions to prevent passive snooping
me too
but i want to least have a hint if i access a known site which
previously did not have a cert warning and now has because by all
problems with the CA stuff it's a strong indication something stinks
what you completly ignore is the fact with the current warnings of
firefox after accept the self signed cert it no longer wanns *but* if
that cert changes it warns again
without that you can throw away your whole encryption as long as you
don't know the complete infarstructure invloved and the target domain
singned with DNSSEC
security is not that easy and sadly won't never became that easy
that he connection is encrypted is nice but without know the other side
is the expected server completly worthless - i made a experiment in the
company network by redirect facebook to our own server - it don't take
long to get passwords
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20141209/6bc9f1d3/attachment.sig>
More information about the devel
mailing list