[prev in list] [next in list] [prev in thread] [next in thread]
List: openbsd-misc
Subject: Re: SMTP TLS, SMTP AUTH, POP TLS -a plea
From: Eugen Leitl <eugen () leitl ! org>
Date: 2004-10-22 12:53:58
Message-ID: 20041022125357.GQ1457 () leitl ! org
[Download RAW message or body]
On Fri, Oct 22, 2004 at 10:35:47PM +1000, Damien Miller wrote:
> No way. There is nothing worse than seeing "Snake Oil" or localhost
> certificates on the net. Don't encourage bad practice.
Your CA wants to see your ID? Great. Mine doesn't. So what's your CA's worth
again, now? At least I know what's in those jars thar. Cause I brewed them
myself.
> I really hope that you don't ship the same key and cert to all your
> users.
No. You generate it at setup, using whatever entropy pool the system has.
--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net
[demime 0.98d removed an attachment of type application/pgp-signature]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic