On Sun, 28 Oct 2007 05:36:07 -0400, Nil wrote:
I followed everyone's advice and installed Tor/Vidalia/Privoxy.
I learned it's UP TO ME to determine if a certificate is fake.
So, I test the system - and I take your advice to READ the certificate
warning - but I still don't know what to do with the result.
Is THIS a fake certificate?
Here's what happened.
I went to http://torcheck.xenobite.eu/index.php
I clicked on the HTTPS-Mode button to see what it would say
Up popped a "Security Error: Domain Name Mismatch"
You have attempted to establish a connection with
torcheck.xenobite.eu. However the security certificate
presented belongs to 126.96.36.199. It is possible, though
unlikely, that someone may be trying to intercept your
communication with this web site.
If you suspect the certificate shown does not belong to
torcheck.xenobite.eu, please cancel the connection and notify
the site administrator.
So what do I do?
Most of these posts say to examine the certificate, so I press
the "View Certificate" button.
This certificate has been verified for the following uses:
SSL Server Certificate
Huh? Is that telling me something?
Then it says:
Common Name (CN) 188.8.131.52
Organization (O) Kraus Computertechnik
Organizational Unit (OU) StartCom Free Certificate Member
Serial Number 01:84:54
To which my head is spinning - I guess I'm supposed to tell from this
if it's legitimate or not - but I don't know where to look.
It goes on:
Common Name (CN) StartCom Class 1 Primary Intermediate Free CA
Organization (O) StartCom Ltd.
Organizational Unit (OU) Secure Certificate Signing
Huh? I still don't know what is wheat and what is chaff.
Issued On 9/25/2007
Expires On 9/24/2008
Does this tell me anything useful other than when it will expire.
I won't even go into what it says in the DETAILS tab!
Oh my. If all this which I'm supposed to read actually means something to
you guys, then you ARE rocket scientists!
What do I (decidedly not a rocket scientist) do with this information?
Is this a fake certificate or a real certificate?
How would I know?