Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×

Comment Re:Why so complicated? (Score 4, Informative) 62

by mhogomchungu (#38405958) Attached to: New Standard For Issuance of SSL/TLS Certificates

Why aren't SSL certs only to encrypt the transmission so data can't be packet sniffed? Why must the cert also certify that foo.com's owners paid $X for a cert?

SSL uses PKI(public key infrastructure). PKI provides two things, authentication and encryption. Authentication is critical because it proves the encrypted message is going the the recipient and there is nobody in the middle.

Why must the cert also certify that foo.com's owners paid $X for a cert?

It only certify that foo.com owns the certificate, it says nothing about how much the certificate costs.A certificate is a signed public key.

If I connect to mybank.com, can't I clearly tell from the URL that I'm going to where I think I'm going?

If you type "mybank.com" on your browser, your browser will make DNS request to get "mybank.com" IP address. Somebody could high jack the DNS request and return "iownyou.com" IP address and all of your data will send there instead of "mybank.com". Here is the part where the authenticity of the connection comes in.

In contrast, when I ssh between computers, I don't need any certs for that. Assuming I typed the host's name correctly, I'm going to where I think I'm going. Right?

When you ssh to a new computer, you will be presented with the other computer signature and asked if you trust the connection is coming from where you think its coming from and it is your responsibility to authenticate the connection. The CA system puts the responsibility on somebody else. The way ssh works is equivalent to self signed keys online. They will give you encryption but not authenticity. If you go to "mybank.com" and they say "we are mybank.com, trust us,we are who we say we are, here is an encrypted connection, use it to send your bank info", would you proceed? i hope you wont.

Comment Re:Community Myth (Score 2) 348

by mhogomchungu (#36789870) Attached to: Microsoft Developer Made the Most Changes To Linux 3.0 Code
Linux is still "a community effort of users putting their minds together". There may have been a shift from the community made up mostly of individuals to corporations but it is still, a community.

Does it matter if a contributor is an individual, an individual contributing on behalf of a company or company contributing as long as the code is of good quality, is offered in ways that agrees with the norms of the community and does not violate any license used by the community? Microsoft is contributing code because they are either using linux or they have people they are supporting who are using it hence they are part of the community effort. It doesnt matter how little any individual or company cares about the GPL, all it matters is that they conduct themselves in a way that does not violate it.

Comment where is linux? (Score 1) 436

by mhogomchungu (#23550017) Attached to: The Smartest Browser and OS
as both IE and safari do not work with linux(natively) ..most linux users use firefox, opera, konqueror among other browsers that have native linux versions .. i would guess more "firefox on unknown" would come from linux users than mac os X ..unless if he says far, far, far less people use safari on a mac ..

Slashdot Top Deals

Intel CPUs are not defective, they just act that way. -- Henry Spencer

Close