lockon.ru Certificate warning

[Greenies]

Hi,

 

When I try to log in on the http://www.lockon.ru site, I get a warning that says the following:

 

- The server's name "lockon.ru" does not match the certificate's name "www.lockon.ru". Somebody may be trying to eavesdrop on you.

- The certificate for "www.lockon.ru" is signed by the unknown Certificate Authority "Snake Oil CA". It is not possible to verify that this is a valid certificate

 

What does this mean, and who is "Snake Oil CA?" Sounds like a phony name to me (sorry if I am offending someone). Does anyone else get this warning? Did you still choose to accept the certificate?

[coldcrew]

This is what happens when a company is cheap and doesn't want to pay verisign for a real certificate

[Nate--IRL--]

It is the default name for the certifcate software, i used it, seems fine. But you make your own mind up :)

 

Nate

[Guest ruggbutt]

I used it too.

[Sealpup]

This is what happens when a company is cheap and doesn't want to pay verisign for a real certificate

 

 

Like the US Air Force for example...none of our security cetificates are Verisign friendly...because there is absolutely no reason for them to be!

[coldcrew]

Like the US Air Force for example...none of our security cetificates are Verisign friendly...because there is absolutely no reason for them to be!

 

verisign isn't the only authorithy that can sign certificates. I just used them as an example. Try browsing your system root trusted certificate store and you'll see more than a hundred valid signers, I doubt that "snake oil" is one of them tho.

[Sealpup]

Try browsing your system root trusted certificate store and you'll see more than a hundred valid signers, I doubt that "snake oil" is one of them tho.

 

From what I heard, 'Snake Oil' is a default CA name for a certain flavor of certificate generating software.

 

ED likely generated their own certificate, rather than pay someone else for the same quality product, only to get MS Exploder's complaints to stop..

[PnHobbit]

bwuahhahahaha you all hit ok. You agreed to have ED steal your soul! Prepare for your doooomm!!!!

[coldcrew]

From what I heard, 'Snake Oil' is a default CA name for a certain flavor of certificate generating software.

 

ED likely generated their own certificate, rather than pay someone else for the same quality product, only to get MS Exploder's complaints to stop..

 

You misunderstand why certificates need to be signed by trusted authorities. It is to prove that you say who you say you are. Signing your own certificate is like creating your own ID card, it is worthless. I'll never use my creditcard on a website that has a self signed certificate.

 

Using a certificate from verisign, thwarte, securenet, certisign or whatever is saying to the visitor to your website that your identity has been checked out by a legit thirdparty company and there won't be any popups or questions like the original poster asked about.

[Sealpup]

Ok, I might be talking from my rectal area in saying this, as I'm going on stuff I've learned from being a general purpose information sponge.

 

But, these certificates are an encryption means, and encryption is considered a 'munition' by alot of countries, and thus a no-no for export. So, maybe poor ED here cant get find a Russian CA, and legally cant use one from anywhere else.

 

Another possibility is it is a legit CA, but explorer doesn't recognize it for some reason. (which means I heard wrong about 'Snake Oil' being a default name)

 

Again, I'm just going by bits and pieces of stuff I've picked up, so I might just be spouting total BS here.

 

EDIT: Used the wrong word somewheres

 

EDIT2: Ok. so Snake Oil was mentioned in THIS thread...god, I really need to stop posting before bed time

[Greenies]

You misunderstand why certificates need to be signed by trusted authorities. It is to prove that you say who you say you are. Signing your own certificate is like creating your own ID card, it is worthless. I'll never use my creditcard on a website that has a self signed certificate.

 

Using a certificate from verisign, thwarte, securenet, certisign or whatever is saying to the visitor to your website that your identity has been checked out by a legit thirdparty company and there won't be any popups or questions like the original poster asked about.

 

ED recently stated that they are going to launch a VeriSign payment solution soon, so maybe something will be done about that snakey/sneaky certificate... :)