[conspire] Comodo-signed bogosity (was: DigiNotar Damage Disclosure)

Adrien Lamothe alamozzz at yahoo.com
Fri Sep 9 11:14:03 PDT 2011

Right. So, the problem on my end was:

    1. I update Firefox.
    2. Upon restarting Firefox, CertWatch informs me it wants to update certificates.
    3. CertWatch then proceeds to pop up a procession of windows, each with cert data, each with "OK" and "Cancel" buttons.
    4. I see contradictory information in the cert data. But I trust that CertWatch knows what it is doing (which it did.) However, CertWatch doesn't tell me it is de-verifying those certs, merely that it is updating them. Being the first time so many certs are updated since I installed CertWatch, I was unaware of what exactly it was doing to them, until I went into Firefox's "View Certificates" area to see they "could not be verified for unknown reasons."
    5. I mention the contradictory data on this list, because I find it interesting.

Perhaps CertWatch should add a notation during update notification, as to the nature of the update.

From: Rick Moen <rick at linuxmafia.com>
To: conspire at linuxmafia.com
Sent: Friday, September 9, 2011 10:27 AM
Subject: Re: [conspire] Comodo-signed bogosity (was: DigiNotar Damage Disclosure)

Quoting Adrien Lamothe (alamozzz at yahoo.com):

> Right. So what I was seeing, apparently, was CertWatch telling me
> those certs had been marked as bad, only it wasn't apparent that was
> what it was saying.

Not sure what you saw, really.

Just to elaborate on my comment to Ehud that there are always ways to
tunnel traffic out past dumb corporate firewalling:
http://sebsauvage.net/punching/   <- Best and most thorough

conspire mailing list
conspire at linuxmafia.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linuxmafia.com/pipermail/conspire/attachments/20110909/d3618624/attachment.html>

More information about the conspire mailing list