KDEPIM 4.6 prob^Wimpressions

Alex Schuster wonko at wonkology.org
Tue Jul 26 19:53:21 BST 2011 

J writes:

> >From: Alex Schuster [mailto:wonko at wonkology.org]
> >PIM 4.6 prob^Wimpressions
> >
> >> > Indeed, ready for use means to me I could do online banking with
> >> > it.
> >> 
> >> Hmm, I always do online banking with Konqueror. Have done so for
> >> years.
> >
> >I always get warnings about untrusted certificates. I must admit I do
> >not know much about this area (Duncan does), and when I view the
> >certificate it is said to be trustable, but I feel better using another
> >browser that does not complain about certificates.
> 
> This is a feature, not a bug. (I cannot believe I just typed that.)

:-)

> There is a transition going on between 128bit and 1024bit certificates. 
> This requires an intermediate certificate of authority.  Konqueror is a
> stickler for this step, while Firefox, Safari, Chrome, and Opera aren't,
> as they tend to bundle the intermediate certificate with their build in
> chain.  When I install a new certificate for one of my webhost customers,
> I use Konqueror to verify that it has been installed correctly.  It is
> the only browser that checks each and every step of the certificate
> chain.  Technically any site that Konqueror complains about isn't
> properly installed and isn't properly secured.

Hey, cool! So Konqueror is leading technology again, at least in this area.

If you don't mind, I have one more questions on this. How bad is the 
security impact? For example, my online banking site is 
https://banking.postbank.de , probably one of the most used banking sites in 
Germany. How big is the risk of using it? Would you do this? What can be 
done to minimize the risk? Other than using Firefox and simply not seeing 
the warning dialog :)

Oh, and do others here also store sensible things like my online banking PIN 
in the wallet? Or is this considered too risky? Are there possible security 
problems with this?

And there's another issue I wanted to mention, but now I cannot reproduce 
it. The dialog that asks me whether to accept the certificate used to appear 
every time I open such a site, even if I choose to permanently accept it. 
Seems like this is now sorted out somehow :)

	Wonko
___________________________________________________
This message is from the kde mailing list.
Account management:  https://mail.kde.org/mailman/listinfo/kde.
Archives: http://lists.kde.org/.
More info: http://www.kde.org/faq.html.

More information about the kde mailing list