[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] self issue of certificates

Subject: Re: [cobalt-security] self issue of certificates
From: "Jelmer Jellema" <cobalt@xxxxxxxxxxxxxxx>
Date: Thu, 28 Feb 2002 22:36:38 +0100
Organization: Spin in het Web (www.spininhetweb.nl)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> >Why would you or anyone send your password in clear
> >text when all you have to do is self-issue a cert to
> >get 128-bit ssl protection?

By the way. I read something about the auth part of the https connection
starting *before* the ssl-encryption was established, thush sending the
apache auth password unencrypted, only to start encrypting right after?
Maybe I misunderstood? (hope so).

Jelmer

Follow-Ups:
- Re: [cobalt-security] self issue of certificates
  - From: Jeff Lasman

References:
- [cobalt-security] self issue of certificates
  - From: duncan gray

Prev by Date: [cobalt-security] Re: cobalt-security digest, Vol 1 #690 - 1 msg
Next by Date: Re: [cobalt-security] Best way to check email securely?
Previous by thread: Re: [cobalt-security] Best way to check email securely?
Next by thread: Re: [cobalt-security] self issue of certificates

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index