Netscape Security Lies
Eric Murray
ericm at lne.com
Tue Jul 30 12:18:56 PDT 1996
source at iaccess.za writes:
>
> We have just tested Netscape's security page and it seems they are either lying
> or have a major bug.
>
> All you have to do to confirm this is to go to their page
> http://home.netscape.com/newsref/ref/netscape-security.html#test
> and click on the link under the heading Testing the Secure Server link
> "Here is a secure server you can visit.
I checked this out with baited breath, hoping to find a juicy
Netscape security hole as promised. Unfortunately, all it is
is a mis-configured httpd server at rsa.com. It should be
doing SSL but it's not. A bummer, but probably not a lie and
certainly not a major bug.
> We decided to test further and found that the RSA secure server is only SSL 2
> and SSL 3 which is what Netscape seems to be touting to the resting of the
> world saying they have it NOW. Later, if not much later seems far more
> realistic.
Try ssl3.netscape.com:443. It's doing ssl3.
> I do not like being lied to, mislead or steam rolled by, how about
> you?
Not at all. So quit doing it.
--
Eric Murray ericm at lne.com ericm at motorcycle.com http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF
More information about the cypherpunks-legacy
mailing list