Re: Many WAP gateways do not properly check SSL certificates

From: Jeremy Sanders (jsandersat_private)
Date: Tue Jul 10 2001 - 07:21:23 PDT

Next message: Kevin: "Re: How Google indexed a file with no external link"

Previous message: Theo Van Dinter: "Re: How Google indexed a file with no external link"
Maybe in reply to: Gus: "Many WAP gateways do not properly check SSL certificates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>Since SSL certificates are tamper-evident as the cryptographic signature
>is checked against the "root" certificates of the large CAs (Thawte,
>Verisign, Global Trust etc.) this check gives assurance that the
>requesting party is connected to the right host - i.e. you are safe from a
>man-in-the-middle attack.

Sprint PCS's WAP gateway does not give a detailed error message, but does not allow the connection if the root certificate is not a trusted root CA. We have an Organizational CA that we generate certificates for internal web sites. The wireless versions of these sites will not work because Sprint's WAP gw does not trust our root... We would also rather not pay Verisign every time we decide to bring up a new intranet/extranet site...

Jeremy Sanders, CCNP CNE
Advanced Systems Engineer
New South Federal Savings Bank

Next message: Kevin: "Re: How Google indexed a file with no external link"
Previous message: Theo Van Dinter: "Re: How Google indexed a file with no external link"
Maybe in reply to: Gus: "Many WAP gateways do not properly check SSL certificates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 10 2001 - 09:32:31 PDT