- Oct 11, 2000
- 56,336
- 11
- 0
Does anyone else find this funny?
- Thread starter her209
- Start date
Do I think it's funny that you don't have the DOD Root CA 2 public key in your browser? No. Do I think it's funny you don't understand certificates at all, kinda of.
destrekor
Lifer
- Nov 18, 2005
- 28,799
- 359
- 126
It's kind of ironic.
But the government in general seems to be iffy when it comes to providing quality security certificates. I used to have a lot of issues with us.army.mil in FF3. I think I just went and added an exception and that is why I don't have problems anymore.
But the government in general seems to be iffy when it comes to providing quality security certificates. I used to have a lot of issues with us.army.mil in FF3. I think I just went and added an exception and that is why I don't have problems anymore.
Its not ironic at all, you guys are just clueless. You really think the DOD has Verisign issue it's public keys?
Fayd
Diamond Member
the government sucks at mantaining security certificates on their websites. pretty much every one i go to i have to make a special exception in firefox.
edit: oh now i see why.
is there any way to force firefox to recognize DOD as a certificate issuing authority? or do i have to register an exception with every site?
Fayd
Diamond Member
see edit. you all too fast for me :/
and fwiw, i dont understand security certificates. i'm not an IT guy...
Fayd
Diamond Member
destrekor
Lifer
- Nov 18, 2005
- 28,799
- 359
- 126
yeah, we're clueless. :disgust:
Maybe it's because we don't follow every thing there is to know about security certificates. Granted, the issue makes perfect sense, but I don't think I have ever cared to even think about the issue. I follow IT stuff, and used to train for network communications (and an option I am still entertaining as one of my top choices for my Army career), but website security certificates have never phased me as something I'll ever care about.
I say that because I just don't understand your attitude/methods in this thread.
You don't see the irony of coming into a thread and stating that the government/DOD sucks at maintaining security certificates then exclaim you don't know about certificates when it's pointed out your wrong?. Yea, you come off as a bit clueless.
The site is a DOD site secured with the DOD's public key. IE, Firefox, Opera, Chrome (etc) don't ship the public root key for the DOD (they ship root keys for Verisign, Thawt, GE and dozens more). So if you go to the site you get an SSL error. Posters in the thread think this shows the DOD's security is bad when in fact thats exactly what is supposed to happen since you don't have the root key...
No, the browser (not the DOD) could do a better job of explaining this to users, but then again most users aren't knowledgeable to install the right root cert unless someone ships it to them as part of their browser. Then again, most users aren't going to a DOD site either...
Ok, you have a completely different and BAD problem you need to fix. Either your root certs are missing/corrupt or your getting traffic proxied to bad sites and your ignoring your browser trying to tell you that...
There are other explanations (like your clock being off), I've seen a person who's machine was a year back, caused all kinds of grieve until they finally figured it out... But the most likely is one of the two above and I urge you to figure out whats going on...
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 24K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter