https://events.ccc.de/congress/2010/Fahrplan/attachments/1649_Sec-T_2010_Jul... https://events.ccc.de/congress/2010/Fahrplan/events/4221.en.html Executive summary: JavaScript in PDF is a security nightmare; most PDF parsers are thoroughly broken. Best Martin
Martin Schröder wrote:
https://events.ccc.de/congress/2010/Fahrplan/events/4221.en.html
-> This Connection is Untrusted You have asked SeaMonkey to connect securely to events.ccc.de, but we can't confirm that your connection is secure. Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do? If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue. Technical Details events.ccc.de uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer) I Understand the Risks
2010/12/31 Philip Taylor (Webmaster, Ret'd)
This Connection is Untrusted
You have asked SeaMonkey to connect securely to events.ccc.de, but we can't confirm that your connection is secure.
Phil, I suggest you look at _all_ the root certificates your browser _already_ trusts. Please report how many these are and if _you_ trust them _all_. The ccc.de cert is signed by CA cert. Best Martin
Martin Schröder wrote:
Phil, I suggest you look at _all_ the root certificates your browser _already_ trusts. Please report how many these are and if _you_ trust them _all_.
Too much work for New Years Eve, Martin : maybe next year :-)
The ccc.de cert is signed by CA cert.
Attached is Seamonkey's analysis (as screenshot; Seamonkey didn't seem to want to allow textual copy). ** Phil.
2010/12/31 Philip Taylor (Webmaster, Ret'd)
Martin Schröder wrote:
I suggest you look at _all_ the root certificates your browser _already_ trusts. Please report how many these are and if _you_ trust them _all_.
Too much work for New Years Eve, Martin : maybe next year :-)
Phil, your browser already most likely trusts chinese (prc) and saudi arabian authorities without your knowledge. So why do you make such a fuzz about the ccc site? Click "I know the risks" and continue. Best Martin PS: https://addons.mozilla.org/de/firefox/addon/6415/
Martin Schröder wrote:
Phil, your browser already most likely trusts chinese (prc) and saudi arabian authorities without your knowledge. So why do you make such a fuzz about the ccc site? Click "I know the risks" and continue.
Yes, I know the risks :
Three things are certain: Death, taxes and lost data. Guess which has occurred.
No way, José ! ** Phil.
participants (2)
-
Martin Schröder -
Philip Taylor (Webmaster, Ret'd)