Hi, Le Wed, 24 Oct 2018 19:15:49 +0300 Kas <[email protected]> a écrit:
> Wrong and you should not look at a certificate as a public key, > please educate yourself with deeper understanding what do extensions > serve and what critical extension means, i have a Code Signing > certificate can i use it for IIS ? it has a public key ! and it been > vouched by Comodo , do you understand what is CRL Distribution > Points(2.5.29.31) and how that certificate should be checked before > considered trusted ? As an observer to this discussion, I would like to point out that asking your interlocutor(s) what they know or do not know is rarely productive, as people are usually poor judges on how well they know some topic. Plus, even if the answer is accurate enough, it does not help the discussion progress to a fruitful conclusion -- all the more when the questions are asked in bursts. I would kindly advise you to just assume that others in the discussion know enough of the topic to understand a detailed technical argument, and to just lay out in such detail the concrete attack scenario(s) which you are envisioning and concrete proposal(s) for mitigation or protection. People on this list who do know the topic well enough will ask meaningful questions, which will help the discussion progress. People on this list who do not know the topic well enough may indeed ask questions which are irrelevant or suggest solutions which are inefficient, in which case you will be able to point out the concrete reason for the irrelevance or inefficiency, and again, discussion will progress toward a useful conclusion. Amicalement, -- Albert. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
