SSL is broken on FreeBSD
Chad Perrin
perrin at apotheon.com
Fri Apr 1 23:15:24 UTC 2011
On Fri, Apr 01, 2011 at 10:24:35PM +0100, István wrote:
> > You're probably not aware (owing to your arrogance) that at least some of
> > the CAs which ship as part of the Mozilla bundle have been known to issue
> > fraudulent certificates in the past, even the past few weeks.
> >
>
> once there was a remote root in freebsd kernel, so I have just stopped using
> it
>
> (sometimes I wish I did....)
It is worth noting that there is a difference between, on one hand, using
software and discovering a bug exists in it that may not even have
possibly affected you -- and, on the other, taking some faceless third
party's assurances on issues of cryptographic trust and discovering that
refusing to take responsibility for your own decisions about trust has
placed your security at the mercy of untrustworthy people.
--
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20110401/20b06f0c/attachment.pgp
More information about the freebsd-security
mailing list