American SSL crypto is just crap (even if its really Taiwanese electronics)




After 25 years of doing SSL, its worse than it was at the outset. But then, its US government policy to ensure it DOESN’T really work. The vendors duly facilitate; participating in the system deception of the public.

The issues is not only dlink’s firmware producing certificates with bad dates. Its also Microsoft platform that is the problem. It allowed the ActiveX control to load, for an invalid certificate. Because the cert is on a “trusted” chain, this policy overrides the invalidity.

But then, what Microsoft program in the crypto/trust area is essentially NSA policy – to ensure that their folk can invade a foreigner’s PC (with impunity, since we have little more than slave rights to the mighty, exceptional Americans); and set such setting (when it facilitates an easy crypto win).


About home_pw

Computer Programmer who often does network administration with focus on security servers. Sometimes plays at slot machine programming.
This entry was posted in dunno. Bookmark the permalink.