Re: SSL certificate modification

From: Henrick Hellström (henrick.hellstrm@telia.com)
Date: 10/10/02

• Next message: Rob Slade, doting grandpa of Ryan and Trevor: "REVIEW: "Hacking Exposed", Stuart McClure/Joel Scambray/George Kurtz"
• Previous message: Anne & Lynn Wheeler: "Re: SSL certificate modification"
• In reply to: Anne & Lynn Wheeler: "Re: SSL certificate modification"
• Next in thread: Anne & Lynn Wheeler: "Re: SSL certificate modification"
• Reply: Anne & Lynn Wheeler: "Re: SSL certificate modification"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Henrick Hellström <henrick.hellstrm@telia.com>
Date: Thu, 10 Oct 2002 15:22:37 GMT

Anne & Lynn Wheeler wrote:
> Henrick Hellström <henrick.hellstrm@telia.com> writes:
>
>>It is possible that ordinary web browsers will only verify the URI. I
>>don't know. Other kinds of software would probably verify the IP
>>address if present. If the client has access to a secure and trusted
>>name server more fields could be verified.
>
>
> or eliminate the certificate all together. a primary reason for the
> existance of SSL server domain certificates is concerns abou the
> integrity of the domain name infrastructure (correctly serving up
> name->ip-address). The browser connects to a server (after getting
> the URI->ip-address translation) and then checks that server correctly
> posseses a certificate for the URI.

That's only one reason for the existance of SSL server certificates. The
other reason, which IMHO is even more important, is that certificates
contains certified public keys which are used during the SSL handshake
and e.g. prevents man-in-the-middle attacks.

---

• Next message: Rob Slade, doting grandpa of Ryan and Trevor: "REVIEW: "Hacking Exposed", Stuart McClure/Joel Scambray/George Kurtz"
• Previous message: Anne & Lynn Wheeler: "Re: SSL certificate modification"
• In reply to: Anne & Lynn Wheeler: "Re: SSL certificate modification"
• Next in thread: Anne & Lynn Wheeler: "Re: SSL certificate modification"
• Reply: Anne & Lynn Wheeler: "Re: SSL certificate modification"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: SSL security with server certificate compromised ... Implications of Using the Data Encryption Standard " which includes ... in the SSL server digital certificate infrastructure ... certificates. ... http://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that increases password security ... (comp.security.misc) Re: Error number: 0x80096010 ... You cannot install some updates or programs ... Verify the status of all certificates in the certification path and import missing or damaged certificates from another computer ... (microsoft.public.windowsupdate) Re: security event 537 ... Yes we use SSL Server & Client Certificates. ... we have a few 2003 machines running web edition. ... (microsoft.public.windows.server.general) RE: Internet Certificates Gone ... This issue is often caused when your computer's date is incorrect. ... Verify ... certificate messages. ... How can I get the default certificates back? ... (microsoft.public.windowsxp.general) Re: Error number: 0x80096010 ... I am also getting this error code on windows update, ... my certificates good as per the article quoted in the last post. ... Verify the status of all certificates in the certification path and import ... (microsoft.public.windowsupdate)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)