[Info-vax] [OT] Zero trust software, was: Re: Rethinking DECNET ?
JF Mezei
jfmezei.spamnot at vaxination.ca
Wed Sep 3 11:34:30 EDT 2014
On 14-09-03 08:38, Bill Gunshannon wrote:
> My private certificates provide much more security because I can be
> certain I haven't given them to any third parties.
But you have no defence against a malicious site redirecting DNS to
their site and using their own self signed certificate to impersonate
your site fully.
When your certificate is "registered" with an authority, there is
confidence that when someone does https://www.chocolate.com , they will
get to YOUR site and if someone tried to hijack your site, browsers will
warn the end user that the certificate presented by the "new" site is
invalid.
More information about the Info-vax
mailing list