[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: [Cryptography] Shaming sites that send sensitive information over HTTP

To: [email protected], [email protected]
Subject: Fwd: [Cryptography] Shaming sites that send sensitive information over HTTP
From: [email protected] (Peter Gutmann)
Date: Sat, 20 Sep 2014 10:58:25 +1200
In-reply-to: <CAD2Ti29g3D=NHRUd9e2s5-Fs8555PLeYWqO7iCm9y+C35r7THQ@mail.gmail.com>

grarpamp <[email protected]> forwarded:

>My favorite:  The NSA's web site *redirects HTTPS to HTTP*.  Some kind of
>back-handed acknowledgement of what they do?

My guess is that it's politically-motivated, if you're the NSA would you want
to buy your certs from a commercial CA, and if you're a commercial CA would
you want to be known as the supplier of trusted certs to the NSA?

Peter.

Follow-Ups:
- Fwd: [Cryptography] Shaming sites that send sensitive information over HTTP
  - From: [email protected] (staticsafe)

References:
- Fwd: [Cryptography] Shaming sites that send sensitive information over HTTP
  - From: [email protected] (grarpamp)

Prev by Date: More on the tor scam
Next by Date: Fwd: [Cryptography] Shaming sites that send sensitive information over HTTP
Previous by thread: Fwd: [Cryptography] Shaming sites that send sensitive information over HTTP
Next by thread: Fwd: [Cryptography] Shaming sites that send sensitive information over HTTP
Index(es):
- Date
- Thread