Slashdot Mirror

← Back to Domains

Domain: verisign.com

Stories and comments across the archive that link to verisign.com.

Comments · 360

  1. Verisign is a monopoly by DocJohn · · Score: 4 · on Verisign to Purchase Network Solutions

    Verisign is already a monopoly, with their recent acquisition of Thawte, the only real alternative for signed digital server certificates.

    Network Solutions is not an equal player in the domain registration business, since they are the maintainers of the database itself.

    Combine the two and you have a company which is responsible for keeping key pieces of the infrastructure of a great deal of the Internet running (DNS and SSL usefulness).

    That's the reason to be scared. Show me another company which comes close to this powerhouse; you can't, because one simply doesn't exist today.

  2. Re:Severe security risk!? by DjReagan · · Score: 1 · on House Passes Digital Signature Bill
    What keeps somebody from publicizing their public key as my public key, and thus being able to sign documents with their private key to pretend to be me?

    Most public key implementations has some form of key-signing method, whereby a third party can sign your key public key, thereby certifying that you are who you say you are

    The big problem with this, is how can you trust the person who's signing? Thats where the concept of having well-known Certifying Authorities (such as Verisign) who validate your identity, then sign your public key.

    This is a pretty common occurrence in the RSA world (such as web server ssl certificates etc)and these days Thawte also has something in place like this for PGP keys.


    --

  3. Re:Some thoughts...a couple more things.... by mlesesky · · Score: 1 · on U.S. Post Office and E-mail

    Here are a couple more thoughts. I would love to hear some feedback on these:

    1 - Government is slow, realy slow. They will have a very hard time adapting to these changes for several reasons - most are outlined in the article.

    2 - In the past (a long time ago), there were issues with infrastructure, cost etc of setting up and maintaining a national post service. This is changing. Now there are fewer barriers and there is competition.

    3 - There is still a need for the service they are providing. However, if the service s not used as much, we should cut the budget accordingly and be happy.

    4 - The USPS should not try to enter areas that are currently being addressed with provate business, which will naturally be more efficent. I do not see any problems with the post office downsizing. It is a bastion of the US, but we should be able to move on and advance and not have to hold onto old, outdated services just because uncle sam wants to.


    ok i did not want to but

    5 - Lets make the USPS a public certificate authority and start getting competion (even artificial - ie government) in that area. The USPS would have a great image that they could market and leverage that could compete against Verisign and their high prices and questionable procedures, they are soooo quick....

  4. Verisign bad, Entrust good by Skapare · · Score: 2 · on Verisign Buyout of Thawte Consulting Challenged

    I use Netscape 3.04 instead of Netscape 4.X for technical reasons (unbearable bugs in Netscape 4.X). The Verisign CA in Netscape 3.04 (and earliest 4.X) expired Dec 31, 1999. I went to download a new CA certificate and found that none was available. An exchange of e-mail with tech support, after a couple rounds of trying to explain to them what I even wanted, their only excuse was "We only support Netscape 4, you should upgrade". AFAIC, if they "support" it, they should fix it (but they declined).

    I went to the Entrust site to see if they might have a root CA certificate I could download. Bingo! They do!

    Now tell me why a big resourceful company like Verisign is totally unable to build a root CA certificate for Netscape 3.04 while a little puny company like Entrust has the resources to pull it off (and even earlier versions).

    And Verisign can't even get their web site to work without having to type in the "www." while most places, including Entrust and Slashdot can.

  5. Browser upgrade? Just install new root cert by Jacco+de+Leeuw · · Score: 1 · on Citifi.com Denies Alternate Browser Access
    What they fail to realize is that some people may have legitimate reasons to not upgrade their browser. If you have older hardware and not too much memory, the recent versions of Netscape and Internet Explorer run unacceptably slow.

    Instead, you could also just install the new root certificates from Verisign and Thawte, and continue using the old browser.

  6. More closed source monopoly by cybaea · · Score: 2 · on Thawte Bought by Verisign

    Frpom the Verisign press release:

    As a combined entity, VeriSign and Thawte will be able to implement a consistent set of global standards for the issuance and management of digital certificates for websites and software developers

    It sounds like they want to own the standards and establish a monopoly of closed source rules.

    And it will be a monopoly:

    They are also the only two digital certificate providers with commercial availability of 128-bit website certificates

    Any chance that the mergers and monopolies comission (or whatever it is called in SA) will block this? Please!? Not another MSFT.

  7. Links by cybaea · · Score: 2 · on Thawte Bought by Verisign

  8. Links by cybaea · · Score: 2 · on Thawte Bought by Verisign

  9. Re:Bogus site certificate? by um...+Lucas · · Score: 2 · on SourceForge Goes Public Beta

    Go here: https://www.verisign.co m/server/cus/rootcert/webmaster.html which describes what's happening.

    Then go here: http://verisign.netscape.com/securi ty/rootcert/" and download a new browser.

    It used to be that you could just download the certificates that you needed, but the URL i had for that is now dead...

  10. Re:Asymetric vs. Symetric & I'm not worried... by um...+Lucas · · Score: 2 · on Shamir reveals more about optical 512-bit cracker

    Quick! Run, don't walk, and find yourself a copy of Applied Cryptography!!!

    Read read read read it! Right before bed every night, and right when you wake up in the morning. Peruse the web in search of information (searches for terms like PGP, RSA, Diffie, Public Key, Key Server, Cryptography, Cryptanalysis, security, privacy and other related terms will probably yield some more helpful info...

    Counterpane is probably one of the best places to start. Read the white papers there. Subscribe to the newsletter. Check out the links. You might want to check out RSA as well. They've got a bunch of FAQ's on their website, most of which will answer your questions. You may also want to check out PGP (that link's only if you're not a business... The PDF manual has a lot of info as to how the product works. Verisign will probably have some more information... I haven't been there recently, but i'm sure you can unearth something...

    Anyone else want to pile on some more resources for this guy (or girl)?

    (That was still a lot less typing than answering all those questions, and will probably supply better information that I could type in an hour...)