[kde-linux] Am I Alone?

Paul Hartman paul.hartman+gentoo at gmail.com
Thu Oct 1 16:36:47 UTC 2009


On Thu, Oct 1, 2009 at 2:08 AM, Kevin Krammer <kevin.krammer at gmx.at> wrote:

> On Thursday, 2009-10-01, Anne Wilson wrote:
> > On Thursday 01 October 2009 00:53:37 James Tyrer wrote:
> > > Anne Wilson wrote:
> > > <SNIP>
> > >
> > > > I've seen no such problem, so I can't comment.
> > >
> > > Then go to:
> > >
> > > http://capitalone.com/
> >
> > I did.  In konqueror.  It said that Capital One uses an invalid
> certificate
> >  and cannot be trusted.  It then asked if I wanted to continue.  I said
> >  'yes' and it entered the site.
>
> A user on kde at kde.org also reported such certificate problems and I've
> seen
> that myself as well. Initially I thought it applied to all certificates but
> I
> think it only applies to those issued by VeriSign.
>
> Can somebody confirm this? I.e. post a link to a SSL enabled site using a
> non-
> VeriSign certificate?
>

FYI the latest release of Seamonkey 1.1.18 also complains about the
certificate on that site.

I think it is an indirect certificate, A signs B signs C. Konq knows A but
not B, and doesn't trust B even though A trusts B and we trust A. Something
like that.

I think this is the cert in question:
http://svrsecure-aia.verisign.com/SVRSecure2005-aia.cer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-linux/attachments/20091001/94ab0010/attachment.html>


More information about the kde-linux mailing list