[ntp:questions] lists.ntp.org uses an invalid security certificate....

Richard B. Gilbert rgilbert88 at comcast.net
Sun Sep 6 14:43:07 UTC 2009


David J Taylor wrote:
> "John Hasler" <john at dhh.gt.org> wrote in message 
> news:87ocpoffjl.fsf at thumper.dhh.gt.org...
>> David writes:
>>> It makes it difficult to take an discussion about "security" issues
>>> seriously when ntp.org can't even get a "accepted" certificate.
>>
>> I hope you do not labor under the delusion that an "accepted"
>> certificate provides any significant security beyond the session
>> encryption provided by any https session.  All it proves is that the
>> site operators were able to write at least one check that didn't bounce.
>> -- 
>> John Hasler
> 
> I hope not, John.  It's just the impression it creates.  I do wonder, 
> though, why even just reading a bug list should need https, but perhaps 
> that's Firefox's behaviour.
> 
> Cheers,
> David

Encryption can serve to provide security (you can't read it without the 
key) or authentication (Only I could have encrypted it) or both!




More information about the questions mailing list