Re: [kde-linux] Am I Alone?

[Paul Hartman <paul.hartman+gentoo@xxxxxxxxx>]

On Thu, Oct 1, 2009 at 2:08 AM, Kevin Krammer <kevin.krammer@xxxxxx> wrote:

On Thursday, 2009-10-01, Anne Wilson wrote:
> On Thursday 01 October 2009 00:53:37 James Tyrer wrote:
> > Anne Wilson wrote:
> > <SNIP>
> >
> > > I've seen no such problem, so I can't comment.
> >
> > Then go to:
> >
> > http://capitalone.com/
>
> I did.  In konqueror.  It said that Capital One uses an invalid certificate
>  and cannot be trusted.  It then asked if I wanted to continue.  I said
>  'yes' and it entered the site.

A user on kde@xxxxxxx also reported such certificate problems and I've seen
that myself as well. Initially I thought it applied to all certificates but I
think it only applies to those issued by VeriSign.

Can somebody confirm this? I.e. post a link to a SSL enabled site using a non-
VeriSign certificate?

FYI the latest release of Seamonkey 1.1.18 also complains about the certificate on that site.

I think it is an indirect certificate, A signs B signs C. Konq knows A but not B, and doesn't trust B even though A trusts B and we trust A. Something like that.

I think this is the cert in question:
http://svrsecure-aia.verisign.com/SVRSecure2005-aia.cer

___________________________________________________
This message is from the kde-linux mailing list.
Account management:  https://mail.kde.org/mailman/listinfo/kde-linux.
Archives: http://lists.kde.org/.
More info: http://www.kde.org/faq.html.