Troubles with KCM

As a cautionary tale why key continuity management isn't easy: I've
got a Linksys wireless router at home, and use HTTPS to access it --
at least defending against passive attacks when entering passwords.

The router generates certificates on the fly, and these are dodgy to
say the least.

Using Firefox 3 b2 (which overall has a reasonably nice interface
for TLS errors!), I now get an error message without any overrides;
apparently, that browser keeps a record of certificate fingerprints,
serial number, and issuers, whereas the linksys router likes to
recycle certificate serial numbers.

Thomas Roessler, W3C  <>

Received on Wednesday, 23 January 2008 11:30:47 UTC