[Noisebridge-discuss] TPM
Al Billings
albill at openbuddha.com
Wed Jul 22 21:18:31 UTC 2009
On Jul 22, 2009, at 2:06 PM, Rodney Thayer wrote:
> Al Billings wrote:
>>
>> On Jul 22, 2009, at 11:31 AM, Rodney Thayer wrote:
>>
>>> CACert is questionable too. why not just spin your own root and put
>>> it on an offline box?
>>
>> Because you are going to get the same SSL warnings and alert from
>> software if you use any root that isn't in the shipped store with the
>> software. This is certainly true for Firefox.
>>
>> Al
>>
>>
>>
>
> #include <standard-noisbridge-rant.h>
>
> ...and therefor you have to deploy the root to Noisebridge users... is
> that a problem/
If you personally trust the person who made the cert to the extent
that you want to give them an avenue to pwn you... I don't install
third party root certs, personally.
Al
More information about the Noisebridge-discuss
mailing list