1996-07-30 - Netscape Security Lies

Header Data

From: source@iaccess.za
To: cypherpunks@toad.com
Message Hash: 6599e317f10c4bfae9aaa066b33e1009e788561c264ffd4bab424b73db1e6945
Message ID: <199607300939.CAA24753@toad.com>
Reply To: N/A
UTC Datetime: 1996-07-30 12:51:33 UTC
Raw Date: Tue, 30 Jul 1996 20:51:33 +0800

Raw message

From: source@iaccess.za
Date: Tue, 30 Jul 1996 20:51:33 +0800
To: cypherpunks@toad.com
Subject: Netscape Security Lies
Message-ID: <199607300939.CAA24753@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


We have just tested Netscape's security page and it seems they are either lying
or have a major bug.

All you have to do to confirm this is to go to their page
http://home.netscape.com/newsref/ref/netscape-security.html#test
and click on the link under the heading Testing the Secure Server link
"Here is a secure server you can visit.

Do an iptrace and analyse of the interaction between the server and their
browser version 3.05bgold and 3.05b, of which both reports that they are not
even running a secure version of the server there.

We decided to test further and found that the RSA secure server is only SSL 2 
and SSL 3 which is what Netscape seems to be touting to the resting of the 
world saying they have it NOW. Later, if not much later seems far more
realistic. 

I do not like being lied to, mislead or steam rolled by, how about
you?







Thread