Archive for March, 2011

IE CRL check FAIL…

March 2nd, 2011 2 comments

Just follow the steps below:


1. IE setting for CRL checking of the server certificate is enabled


2. Set the hostnames of servers hosting the CRL and /or OCSP to in your hosts file


3. Execute [certutil.exe -urlcache * delete] to remove all cached CRLs


4. Start your browser and tell it to HTTPS:// to the site


5. It will take some time trying to check the CRL/OCSP from the non-existing server


6. After that you are on the site without any warnings! Not really what I expected?!


Firefox gives the same results and only Google Chrome gives us a warning…

What if the same happens with Code Signing? Interesting case we have!


I have just received a postcard from Google…

March 2nd, 2011 Comments off

with my login id and code included and fully readable for everyone.

It is a folded paper with a tiny piece of tape holding the middle of the long edge


If you apply some pressure on the paper then tne content is fully readable with the login ID and Pin Code

Google‘s security philosophy:

As a provider of software and services for many users, advertisers and publishers on the Internet, we recognize how important it is to help protect your privacy and security…..