Tuesday, January 26, 2010

interop.ca.com for RSA 2010

A quick visit of the openinfocard card selector to CA's interop site for RSA 2010.

Hm, clicking the purple-i does ... nothing; but clicking the link next to it does the job.

Now clicking the purple-i - either on the page or on the URL-bar or on the status-bar - starts the selector.

Please note the card with the name "sechs" has a green background because I used it at this site before. Noteworthy too: The selector shows Verisign's issuer logo of CA's SSL certificate.

Please update your openinfocard selector to the latest version before trying this interop.

Monday, January 11, 2010

Microsoft Update Certificate Woes

When I choose "Start -> Microsoft Update" on my Windows system IE starts and shows http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=de .
Security paranoid as I am I have HTTPS://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=de in my list of "trusted" sites but not the HTTP-site. I am willing to pay the price to have to add the "s" after "http" every time. No problem.

What annoys me is that since some time ago the certificate is issued to "www.update.microsoft.com" but not for "update.microsoft.com".
I admit that maybe I am not supposed to visit this site because I edited the URL by hand but come on Microsoft: Please buy another certificate or configure the server to redirect me to the one and only with the correct certificate. (This prepending "www" to every webserver is stupid anyway. Leave that to the companies that are 90% marketing and 10% feature)

All OS-updates should be over HTTPS anyway. CPUs are cheap! Buy some more if the encryption is a performance issue. I want that extra SSL security.