Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Guides - Privacy & Security Tips
How To Setup Kaspersky Internet Security 2011 for Maximum Protection
Message
<blockquote data-quote="bogdan" data-source="post: 5984" data-attributes="member: 2"><p>Yes it verifies the signature/certificate for its validity but considering how easy some Certification Authorities give certificates and the huge number of Registration Authorities that you have no choice but to trust it is easy to stumble upon a malicious executable signed by some unknown company. As james said I wouldn't trust an executable just because it is digitally signed.</p><p></p><p>A bit unrelated to the topic: Bad certificates get revoked but it appears that if your browser is unable to connect to the server containing the up to date CRL (Certificate Revocation List) it will by default trust the certificate.</p></blockquote><p></p>
[QUOTE="bogdan, post: 5984, member: 2"] Yes it verifies the signature/certificate for its validity but considering how easy some Certification Authorities give certificates and the huge number of Registration Authorities that you have no choice but to trust it is easy to stumble upon a malicious executable signed by some unknown company. As james said I wouldn't trust an executable just because it is digitally signed. A bit unrelated to the topic: Bad certificates get revoked but it appears that if your browser is unable to connect to the server containing the up to date CRL (Certificate Revocation List) it will by default trust the certificate. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
