Comments on: SSLFail.com == SSL FAIL? http://www.sslfail.com/2009/01/sslfailcom-ssl-fail/ 1.2.840.113549.1.1 Thu, 01 Jul 2010 03:13:58 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Tyler http://www.sslfail.com/2009/01/sslfailcom-ssl-fail/comment-page-1/#comment-87 Tyler Fri, 27 Feb 2009 11:52:44 +0000 http://www.sslfail.com/?p=225#comment-87 Michael, I agree... the assumption I made on people wanting SSL or complaining about the lack of SSL was that they wanted to bypass some basic content filter and were worried about the content of the site. In that case, the encryption is needed but not the trust, hence the self-signed certificate. Tyler. Michael,

I agree… the assumption I made on people wanting SSL or complaining about the lack of SSL was that they wanted to bypass some basic content filter and were worried about the content of the site.

In that case, the encryption is needed but not the trust, hence the self-signed certificate.

Tyler.

]]> By: Michael Coates http://www.sslfail.com/2009/01/sslfailcom-ssl-fail/comment-page-1/#comment-83 Michael Coates Thu, 26 Feb 2009 16:20:20 +0000 http://www.sslfail.com/?p=225#comment-83 Agree, SSL is not needed for viewers of this site. I don't provide you any sensitive data, nor do you have any sensitive data of mine. The worse case is a MitM injects false content. Yes, a MitM could inject a malicious script, but they could do that for any other page I browse to just as easily. -Michael Agree, SSL is not needed for viewers of this site. I don’t provide you any sensitive data, nor do you have any sensitive data of mine. The worse case is a MitM injects false content.

Yes, a MitM could inject a malicious script, but they could do that for any other page I browse to just as easily.

-Michael

]]> By: Patrick http://www.sslfail.com/2009/01/sslfailcom-ssl-fail/comment-page-1/#comment-54 Patrick Mon, 09 Feb 2009 20:33:44 +0000 http://www.sslfail.com/?p=225#comment-54 https://www.register.com/titan/promo/ssl_essential_1.rcmx $12.67 per year for three years. https://www.register.com/titan/promo/ssl_essential_1.rcmx

$12.67 per year for three years.

]]> By: Michael Dickey http://www.sslfail.com/2009/01/sslfailcom-ssl-fail/comment-page-1/#comment-27 Michael Dickey Wed, 28 Jan 2009 21:33:44 +0000 http://www.sslfail.com/?p=225#comment-27 You MUST have SSL or else someone can inject!! (No, I'm with you, I think it is an arguable thing...unless you want to support encrypting everything on the web, which I wouldn't mind, but I'm sure pretty much every government would mind.) I've already sniffed Marcin's password to the site...nicely enough, he uses it for other things too! You MUST have SSL or else someone can inject!!

(No, I’m with you, I think it is an arguable thing…unless you want to support encrypting everything on the web, which I wouldn’t mind, but I’m sure pretty much every government would mind.)

I’ve already sniffed Marcin’s password to the site…nicely enough, he uses it for other things too!

]]> By: Marcin http://www.sslfail.com/2009/01/sslfailcom-ssl-fail/comment-page-1/#comment-26 Marcin Tue, 27 Jan 2009 18:06:36 +0000 http://www.sslfail.com/?p=225#comment-26 Oh no! What on earth could we do? Wait, I have an idea! How about we SSH to the server, and then write posts using SQL INSERT statements. Yah! Oh no! What on earth could we do? Wait, I have an idea!

How about we SSH to the server, and then write posts using SQL INSERT statements. Yah!

]]>