[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSL certificates

On Sun, Sep 19, 2004 at 08:03:17PM +0100, Andrew Suffield wrote:
> appreciably secure, and users can't tell the difference anyway. This
> doesn't matter because nobody attacks anything worthwhile by capturing
> traffic. SSL is basically irrelevant on the modern internet [see
> crypto-gram, earlier this year].

After searching about I found:
http://www.schneier.com/crypto-gram-0401.html Letter from John Viega

Either I am opening a can of worms here or I am wasting time, but what
am I or applications supposed to be using then?

It is a myth that passwords in the plain is a bad idea? Aren't there
tools in existence to detect ftp/telnet/insecure authentications?

Does the "modern internet" mean we are packet switched to safety?

I have seen people create different passwords for different services,
but I wanted every user to use the same password from PAM for every
service my Debian box offers. Am I being too naive?

Are there any other docs I have missed?

Doesn't inspire.

Attachment: signature.asc
Description: Digital signature

Reply to: