[TriLUG] CAcert meeting -- how to prepare
Lee Fickenscher
elfick at gmail.com
Mon Feb 9 17:29:54 EST 2009
On Mon, Feb 9, 2009 at 5:23 PM, Cristóbal Palmer <cmp at cmpalmer.org> wrote:
>
> What would be an attack against you that would leverage your having
> accepted it?
Dunno, thats why I asked. :)
> Do you check who the CA is when you hit a site with https
> and there is no error (eg. a new-to-you vendor with a web "shopping
> cart")?
Yes. I check the cert every time I go to a new site where I think it will
matter (ie. if I'm entering information) and I periodically check the certs
for sites that I have been to before (Bank, online retailers, etc).
More information about the TriLUG
mailing list