[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Set up a webproxy to TOR - tor-proxy.net

On Tue, Sep 25, 2007 at 07:21:31PM +0200, Marco Gruss wrote:

> Am I missing something?

This passage, perhaps?

"With StartCom even the first step, the creation of the key, is not performed in the most reputable manner: The "Certificate Creation Wizard" creates the private key on the server of the Israeli company and subsequently transmits it to the web site operator via an SSL-secured web page. There is no guarantee given that StartCom might not keep a copy of the secret key. Such a copy would make it possible to decrypt all the server's encrypted traffic. In the case of respectable companies offering this kind of service users create their secret keys locally; the CA is only sent the certificate application, a signed copy of which it then sends back.

Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE