689 entries in 0.923s
jurov: you'll have to pay CA scammers for
ssl cert?
jurov: i can see where this is supposed to go... to provide "
SSL-secured(r)(tm) bitcoin deposit address"
jurov: you mean like we "don't have to" buy a recognized
ssl certificate?
jurov: oh it's prolly meant to build on existing
SSL CA infrastructure?... god save us
mircea_popescu: in
ssl, you acquire it on the basis that a third party says its ok, much like the dns system.
mircea_popescu:
ssl only requires you have the server's public key. it's thus half a protocol.
dexX7: so let's say you cloak and sign traffic with gpg or something like that.. like you do for order transmission. that's what
ssl does, right?
mircea_popescu: and for the other, take lavabit as a convenient example. the theoretical privacy offered by the service depended on a godaddy
ssl cert and the owner's resistance to fbi court orders.
jurov: Of course bitcoinera.net also offers industry standard security,
SSL certificates, AES hard disk encryption, hashed passwords, offline cold storage and transaction PINs which makes it one of the most secure online bitcoin wallets available.
mircea_popescu: that's the other thing. what sort of braindamaged retard actually expects
ssl to protect his email.
mircea_popescu: In an interesting work-around, Levison complied the next day by turning over the private
SSL keys as an 11 page printout in 4-point type. The government, not unreasonably, called the printout “illegible.”
benkay: why the hellfuck would a bitcoin-accepting company implement
ssl anyways?
BingoBoingo: benkay: I have about a hundred
SSL certificates. Having a certificate for Google doesn't make you Google though. It is much the same as how killing Jesse James doesn't make you Jesse James.
xanto: benkay, so what? You pay $100 a month for an easy
SSL certificate, no proofs what-so-ever on that it's real.
benkay: they have an
ssl certificate
mjr_: that they are finding ways around
SSL, HTTPS, VPN's etc
jurov: you can't have distributed DNS/
SSL when underlying TCP/IP stack is vulnerable to coercion
pankkake: namecoin could allow censorship free domains, and eliminate the issue of centralized
ssl CAs
dub: next they'll start enforcing
ssl export controsl
jcpham: mircea_popescu does MPEX use godaddy
ssl jcpham: but they have godaddy
ssl jcpham: called
SSL. For example:
jcpham: A: We understand that you're concerned about the security and privacy of your online transactions. We use GoDaddy
SSL to ensure that your valuable data, such as credit card details, are encrypted when you interact with our site. We employ state-of-the-art data encryption to ensure safe and secure transactions to our site. Your computer and ours agree to transpose whatever we are sending into an unintelligible "hash" of characters, using a techno
FabianB: dunno why ppl use
ssl at all if not properly
jurov: here the institutions have weird ideas about
ssl certs sometimes
FabianB: weird the
ssl cert is not valid or can't be verified by my browser, but looks legit so far
dub: almost every
ssl cert in this environment is self signed and long epired
optimator: asciilifeform: no - and it kinda freaks me out. I think
SSL cert authentication through a PKI is a gapping hole
ezdiy: same
ssl certificate
Framedragger: yeah if it's
ssl, they can profile
ssl.. if it's just bare tcp, sure it's more difficult true
toffoo: does
ssl help us in this scenario or no?
KRS-1: mtgox did not create their
SSL certificate correctly. If you go to www.mtgox.com you will get a cert error. They either did not buy a wildcard certificate or create the request using www.
Scrat: jurov: plenty of serious attacks on
SSL in the past years though
KRS1: yep the
SSL certificate on mount cocks is EXPIRED
gesell: whatt, m.mtgox.com's
ssl certificate expired?
MJR_: unfortunately, i can't get it to work over
ssl jurov: with some ddos protection that supports
ssl jurov: i'd use
ssl certificate
smickles: heh, i had a lot of fun earlier getting and installing a 'proper'
ssl cert
smickles: mircea_popescu: but this should be simple, and common. I'm sure many people install
ssl certs
smickles: and, ugg, i just installed a proper
ssl cert ... now apache wont start
kakobrekla: smickles they wont give
ssl to bitcoin related services
smickles: mircea_popescu: i thought you just didn't use
ssl, so how would you know?
smickles: anyone know of a good free
ssl cert issuer who isn't just mining me for information?
mod6: at least the
SSL code they copied looks to be better: BN_CTX *ctx = NULL;
OgNasty: Thanks for the advice. A logo wasn't a big concern obviously and the
ssl cert works fine, it just is private. ;)
topace: and a working
ssl cert :p
jurov: oh, and it got shiny new
ssl certificate... some folks warned me that it wouldn't work on xp or android
kakobrekla: 19:29.44 ( kakobrekla ) ;;later tell namworld PS, somebody please tell bitvps to fix their
SSL certificate, I can't pay my bill with them until they do this. If they don't get their act together right-quick I'm dropping them from the signcryption network. I've been pestering them about this for two weeks now and am pretty unimpressed with the lack of any sort of response.
kakobrekla: ;;later tell namworld PS, somebody please tell bitvps to fix their
SSL certificate, I can't pay my bill with them until they do this. If they don't get their act together right-quick I'm dropping them from the signcryption network. I've been pestering them about this for two weeks now and am pretty unimpressed with the lack of any sort of response.
kakobrekla: dunno why it dies here and there, has to do something with
ssl jurov: on frontpage there's software on download, better download it over
ssl pigeons: mircea_popescu: it is a valid stance. why cant they offer
ssl? why cant people use it?
pigeons: i mean regarding dub. the
ssl cartels and browser makers' definition of valid isn't the only valid one
dub: and why does its 'nic' have invalid
ssl cert
flooraccount2:
SSL certificate included. I will accept Bitcoin, Liberty Reserve, or Bank wire for the purchase of this website. I am selling this website for $15,000USD. or best offer! Cash Talks! I can also create a custom Bitcoin Casino at the URL of your choice if you desire. If you are interested in purchasing this website, or have a custom Bitcoin Casino created please contact me at flooraccount AT gmail.com or use contact f
iz: MrTiggr: ever use
SSL? the CAs are exactly like that
RogueAI: payment processors,
SSL Cert issuer, and a supposedly secure email service
knotwork: the talk with the server is using
ssl encrpyted XZeroMQ transport protocol
nefario: as though
SSL was vulnerable or something
smickles: also, i like the idea of being able to get both parts of
ssl without having to appeal to an authority like a fucking slave
exahash: wow, just googled 'free
ssl cert'
smickles: if there are free
ssl certs, what's the point of CAs?
rg: why not just get a free
SSL cert?
exahash: the
ssl ca's pay the browser makers to include their certs
nefario: smickles: the
ssl business ensures thats not going to be the case
smickles:
ssl is bonk then, there should be a way for a user to accept a self-signed cert and confidently know that it is the correct key-pair because they have a signed file wich points out that it is/isn't the proper key-pair being used
exahash: google 'buy
ssl certificate' and look at the prices in the ads
BTC-Mining: Also means
SSL certificates are very expensive for some reason
BTC-Mining: Result? People only see the "trusted" when you use certificates from another party which might just end up giving main certificates which can overide all their customer's
SSL certificates.
smickles: I haven't looked into
ssl all that much, but is it possible to use a self-signed cert and in place of a 'trusted third party' such as verisign, couldn't i sign something with my gpg identity that would provide the same info the trusted third party would?