DTP


 
Lively discussions on the graphic arts and publishing — in print or on the web


Go Back   Desktop Publishing Forum > General Discussions > Web Site Building & Maintenance

Reply
 
Thread Tools Display Modes
Old 03-22-2007, 06:18 AM   #1
dthomsen8
Member
 
dthomsen8's Avatar
 
Join Date: Aug 2005
Location: Philadelphia, PA 19130
Posts: 2,158
Default Security Certificates

My Firefox browser is set to report bad security certificates. I attach two examples of problems reported to me, but I have several more.

Questions:
1) Does it do any good to report these problems to the webmasters?
2) When should I care about these problems, if ever?
3) It is hard to imagine that a big operation like Kinko's has an unrecognized security certificate. What is going on here?

I suspect that complaining to webmasters may get me some feedback worth knowing, but maybe not. Someday, I may want my own security certificate, so I do have some interest in the subject.
Attached Thumbnails
Click image for larger version

Name:	badcert0.jpg
Views:	129
Size:	27.6 KB
ID:	895   Click image for larger version

Name:	badcert1.jpg
Views:	131
Size:	60.5 KB
ID:	896   Click image for larger version

Name:	badcert2.jpg
Views:	116
Size:	39.7 KB
ID:	897  
dthomsen8 is offline   Reply With Quote
Old 03-22-2007, 07:50 AM   #2
Kelvyn
Staff
 
Kelvyn's Avatar
 
Join Date: Feb 2005
Location: In the Heart of the English Lake District
Posts: 1,381
Default

The only time I worry about a certficate warning is if it is for an e-commerce site where I am looking to make a purchase. These days certificate is really only a secondary check that you are using SSL. Misconfigurations are common, even more so now that you can create self-signed certificates, which are supposed to be used just for server testing, but being free are sometimes used on production sites!

Most shared hosts provide a server wide certification which is perfect for the small business who does not want the extra expense of an individual domain Thawte or similar certificate - these are not cheap. Plus not everyone has a domain on a dedicated IP address, a requirement for certification.

I doubt that webmasters would be interested in knowing that a certificate has expired - almost certainly they know about it and in many cases they will have been left because the webhost themselves have to do the removal.

The Kinko report is most likely caused by the certificate being issued for the main domain of aas.com and not to the subdirectory.

   
__________________
Kelvyn

Web site design, hosting and marketing, Keswick in the UK Lake District

If you are planning a visit to Keswick then try Keswick Tourist Information website

Kelvyn is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Adobe security bulletin ktinkel General Publishing Topics 5 12-09-2006 11:53 AM
Security Risk FF2/IE7 George Web Site Building & Maintenance 5 11-30-2006 05:15 PM
Mac OS X security update ktinkel General Publishing Topics 1 03-02-2006 11:13 AM
Especially vile Win security problem ktinkel General Publishing Topics 5 01-05-2006 11:48 AM


All times are GMT -8. The time now is 01:41 AM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Contents copyright 2004–2014 Desktop Publishing Forum and its members.