[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Plaintext passwords IMAP please!

On Wednesday 14 January 2004 17:29, BarkerJr wrote:

> > however teaching all the clients that they should trust a self-signed
> > cert sure isn't, so this may not be a viable option for you anyway.
> Sounds like an Outlook Express issue to me.  Don't blame SuSE for
> Microsoft's shortcomings.

To be fair, that is not what I meant.  Every good client should complain about 
a certificate without a chain of trust.  What I meant was is that there are 
several ways to avoid or solve this, like importing a root CA cert or telling 
all the clients to trust certain certificates.  And my point was that without 
knowing how many client machines we're talking about, it is not for us to say 
if such a change is simple (or even feasible).

But now we're on the subject, I do believe a problem lies with microsofts' 
implementation since I am still having great trouble to convince M$ hosts to 
trust my root CA. It imports fine, installs fine and works fine. Then, after 
the next reboot everything is gone and we get the Nag-boxes back... :-((

On the other hand I never had any trouble telling mozilla or konqueror they 
must henceforth trust my root CA. But windows keeps forgetting it trusts me.

(To be honest, it WOULD be bad judgement for a windows box to trust me... ;-))


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here