[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #10958 [- Select a component]: PCWorld blocked



#10958: PCWorld blocked
--------------------------------------+-----------------
     Reporter:  galaxy40              |      Owner:
         Type:  defect                |     Status:  new
     Priority:  normal                |  Milestone:
    Component:  - Select a component  |    Version:
   Resolution:                        |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |
--------------------------------------+-----------------

Comment (by yawning):

 While one would hope that pcworld.com will use a certificate that:
  * Isn't self signed
  * Isn't issued to "IT, My Company, Seattle, WA, US"
  * Has a real host name
  * Has a real contact address

 Dumping the certificate returned from pcworld.com with openssl s_client
 indicates that they failed on all counts.  The warning is correct.

 {{{
 depth=0
 /C=US/ST=WA/L=Seattle/O=MyCompany/OU=IT/CN=localhost.localdomain/emailAddress=root@xxxxxxxxxxxxxxxxxxxxx
 verify error:num=18:self signed certificate
 verify return:1
 depth=0
 /C=US/ST=WA/L=Seattle/O=MyCompany/OU=IT/CN=localhost.localdomain/emailAddress=root@xxxxxxxxxxxxxxxxxxxxx
 verify return:1
 ---
 Certificate chain
  0
 s:/C=US/ST=WA/L=Seattle/O=MyCompany/OU=IT/CN=localhost.localdomain/emailAddress=root@xxxxxxxxxxxxxxxxxxxxx
 i:/C=US/ST=WA/L=Seattle/O=MyCompany/OU=IT/CN=localhost.localdomain/emailAddress=root@xxxxxxxxxxxxxxxxxxxxx
 ---
 Server certificate
 -----BEGIN CERTIFICATE-----
 MIICpjCCAg+gAwIBAgIBADANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx
 CzAJBgNVBAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMRIwEAYDVQQKEwlNeUNvbXBh
 bnkxCzAJBgNVBAsTAklUMR4wHAYDVQQDExVsb2NhbGhvc3QubG9jYWxkb21haW4x
 KTAnBgkqhkiG9w0BCQEWGnJvb3RAbG9jYWxob3N0LmxvY2FsZG9tYWluMB4XDTA3
 MDExODE4NDgzMloXDTE3MDExNTE4NDgzMlowgZgxCzAJBgNVBAYTAlVTMQswCQYD
 VQQIEwJXQTEQMA4GA1UEBxMHU2VhdHRsZTESMBAGA1UEChMJTXlDb21wYW55MQsw
 CQYDVQQLEwJJVDEeMBwGA1UEAxMVbG9jYWxob3N0LmxvY2FsZG9tYWluMSkwJwYJ
 KoZIhvcNAQkBFhpyb290QGxvY2FsaG9zdC5sb2NhbGRvbWFpbjCBnzANBgkqhkiG
 9w0BAQEFAAOBjQAwgYkCgYEA0CIk85MjGj9G6F0ulin23Xh/vNf2JCMyeKPJrnTw
 oSf7ImlgZ6JT81OiBLcylZm3K44W76ZjbA1u6fIJnpX+/f1RPqFxKyh5+hYo+tfF
 0Ja4yTkAE/HyQUACMEO+IeIpyf13sg/uTVr5ikeAkiDl1/5ZeqILV2QEexNsxLe8
 t08CAwEAATANBgkqhkiG9w0BAQUFAAOBgQBFNK5F1ItaOZLvnRMBsOIM7zzB21SP
 lXr130kCdouP6zLq0xkbmWqgxLpUVh9Kc2xHFMGwbcFr9I5TMDPjCaRwUV1V4fbh
 CGko7wefIEkq6mhTmNBSP7azcCC9f/NXC2CkB4OAYS22dHdRaQd0vwOhbqCjzHDp
 Zk9Q0eg2Oe5khg==
 -----END CERTIFICATE-----
 subject=/C=US/ST=WA/L=Seattle/O=MyCompany/OU=IT/CN=localhost.localdomain/emailAddress=root@xxxxxxxxxxxxxxxxxxxxx
 issuer=/C=US/ST=WA/L=Seattle/O=MyCompany/OU=IT/CN=localhost.localdomain/emailAddress=root@xxxxxxxxxxxxxxxxxxxxx
 ---
 No client certificate CA names sent
 ---
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10958#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs