BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] free SSL certs from the EFF
- Subject: [Discuss] free SSL certs from the EFF
- From: Joe at Polcari.com (Joe Polcari)
- Date: Thu, 4 Dec 2014 13:25:27 -0500
- In-reply-to: <5480A14C.1080303@gmail.com>
- References: <sjm8uirdxem.fsf@securerf.ihtfp.org> <BN3PR0401MB1204B299B351DFF7F2E85FBDDC7D0@BN3PR0401MB1204.namprd04.prod.outlook.com> <sjmlhmqcb1j.fsf@securerf.ihtfp.org> <BN3PR0401MB120492A5BDE4D3CEE0AECDD3DC7A0@BN3PR0401MB1204.namprd04.prod.outlook.com> <sjm8uiqc7sw.fsf@securerf.ihtfp.org> <547E0FB3.3070005@gmail.com> <sjmy4qobui6.fsf@securerf.ihtfp.org> <547F3855.10106@gmail.com> <sjmtx1bbf7w.fsf@securerf.ihtfp.org> <5480856D.6050205@gmail.com> <20141204163645.GA11641@dragontoe.org> <54809327.5040802@gmail.com> <225b01d00fe5$dde00d40$99a027c0$@Polcari.com> <5480A14C.1080303@gmail.com>
More like Bad news: you have to find somewhere else to connect to the net if you're going to get fired for not doing so. -----Original Message----- From: discuss-bounces+joe=polcari.com at blu.org [mailto:discuss-bounces+joe=polcari.com at blu.org] On Behalf Of Richard Pieri Sent: Thursday, December 04, 2014 1:01 PM To: discuss at blu.org Subject: Re: [Discuss] free SSL certs from the EFF On 12/4/2014 12:15 PM, Joe Polcari wrote: > To me, that's a good reason for things to stop working. For certain values of "good" I suppose. Good news: your email wasn't hacked. Bad news: you're fired for failing to submit your reports on time. On 12/4/2014 12:36 PM, John Hall wrote: > I had not heard of DANE (DNS based authentication of named > entities). I found found rfc-6698 in a search .. not sure if anyone > mentioned it yet. > https://datatracker.ietf.org/doc/rfc6698/ I think Firefox 34 takes note of it. It's a digital signature from a host's TLS key added to that host's DNS records which you can use instead of following the X.509 trust chain to verify the certificate. Which is to say, it shifts trust away from certificate authorities like VeriSign to top-level DNS registrars like VeriSign. And it has the same failure modes and lack of failure mitigation that DNSSEC has. -- Rich P. _______________________________________________ Discuss mailing list Discuss at blu.org http://lists.blu.org/mailman/listinfo/discuss
- Follow-Ups:
- [Discuss] free SSL certs from the EFF
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] free SSL certs from the EFF
- References:
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] free SSL certs from the EFF
- From: invalid at pizzashack.org (Derek Martin)
- [Discuss] free SSL certs from the EFF
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] free SSL certs from the EFF
- From: Joe at Polcari.com (Joe Polcari)
- [Discuss] free SSL certs from the EFF
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] free SSL certs from the EFF
- Prev by Date: [Discuss] free SSL certs from the EFF
- Next by Date: [Discuss] free SSL certs from the EFF
- Previous by thread: [Discuss] free SSL certs from the EFF
- Next by thread: [Discuss] free SSL certs from the EFF
- Index(es):
