1996-01-12 - https & encrypted connections

Header Data

From: “Don M. Kitchen” <don@wero.cs.byu.edu>
To: cypherpunks@toad.com
Message Hash: d8cc441e0aa574e856a6d0d83a30fd0917731fc37331694b94837957e5609a67
Message ID: <199601120211.TAA00265@wero.cs.byu.edu>
Reply To: N/A
UTC Datetime: 1996-01-12 03:30:47 UTC
Raw Date: Thu, 11 Jan 96 19:30:47 PST

Raw message

From: "Don M. Kitchen" <don@wero.cs.byu.edu>
Date: Thu, 11 Jan 96 19:30:47 PST
To: cypherpunks@toad.com
Subject: https & encrypted connections
Message-ID: <199601120211.TAA00265@wero.cs.byu.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

First of all, let me apologize for not being very knowledgable about CA's
and https and SSLeay, apache, and generating renegade (ie, your own)
certificates. If someone wants to go over this [again] certainly it'd be
welcome.

I was today playing around with a Mozilla 2.0beta5 that someone gave me
[more bells and whistles than my 1.12, but not much more bang for the buck]
and was showing a friend all the nifty information that netscape tells
about you when you visit sites, then went to c2 to show off the apache
web server and when I tried to use https:// to show off how you can have your
own encrypting web server for free and everything, a window popped up and
said the certificate was expired.

I couldn't really tell if it meant that the certificate that Sameer generated
really needed to be updated, or if Netscape beta 5 had just been rigged to
reject non-netscape certificates, but the end result was no encryption.

(Jeff, if you're reading this, of course we know that Netscape, with it's open
loving policies wouldn't do anything underhanded, but the thought does come
to mind, and by the way, when are we going to see an option to turn off or
control what information is passed out to the other end. Specifically, I'd like
http://anonymizer.cs.cmu.edu:8080/prog/snoop.pl to come up nearly blank.)

Soooo, anyway, I was wondering if anyone knows anything about the use of
privately generated certificates. Yes, Jeff, we know that Netscape is jumping
to fully support user-specified certificates, but personally I saw, relating
to certificates, a lot of *nifty* options and displays, but really didn't
see much in the way of anything that looked like "add".

...Looking forward to the day where end-to-end encryption is king, and the
TLA, my competition, or anyone else can take their packet sniffer and kiss
my butt.

Don
 
PS: my predictions on the PRZ-secretly-sold-out-rumor-index: 6.
    my predictions on the IQ of those making those claims:   6. (cumulative)
    woohooo Phil!
- -- 
<don@cs.byu.edu>           fRee cRyPTo!   jOin the hUnt or BE tHe PrEY
PGP key - http://students.cs.byu.edu/~don   or PubKey servers (0x994b8f39)
  June 7&14, 1995: 1st amendment repealed.  Junk mail to root@127.0.0.1
* This user insured by the Smith, Wesson, & Zimmermann insurance company *

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMPXDV8La+QKZS485AQHkXwMAnGWVeLB6ntpkK1ksZ7a8+iklA/sPfIT2
XqqJRRX0Ddg2UuAAxmk6WOC/nxnRPRlM/4AkkaEohZRv14ccnlvv3qVGFxpLlxKG
iYgbn1x9/xgHjwAB31HqozQix79wPfB/
=v9ni
-----END PGP SIGNATURE-----





Thread