Category: Networking Faux Pas
-
TTP means Trusted THIRD Party
Check out https://plus.google.com. It’s got a certificate for “*.google.com”. Wildcard certs may be the “store the used control rods in the attic and forget about them” technical trick of the certificate world. But wait, it gets better. This was issued by the “Google Internet Authority”. This presumptuous name describes a Certificate Authority, operated by Google…
-
Trust was SUPPOSED TO means “trust the web site operator”
Check out this . Note the hostname mismatch (it’s got a GeoTrust cert for www.adgrafics.com. Note the WEB TRUST seal in the upper right corner. Click on that, let Chrome kindly translate (appologies, I don’t read Russian or Ukranian.) Note the seal is from “https://webtrustukraineseal.com” (confused yet?) and THAT says “Verisign Trusted” (Verisign != GeoTrust.)…
-
D/R 301: Put the Cat up on blocks behind the building
After your enterprise has grown up enough to really need electricity all the time, uninterruptable power becomes a necessity. In the 70’s if you drove through Waltham Massachusetts on Route 128 you could point out the large enterprises. They all had a Cat diesel engine mounted on cinder blocks behind the building, set up to…
-
D/R 201: Maintain Fresh Batteries
Years ago, at the dawn of the dot-Com age, when crypto was cool and Distinguished Names were already an arcane concept, there was a story, let’s be kind and say it’s an urban legend, about root keys. In the early days you bought a BBN Safekeeper. It kept the RSA private key safe. It had…
-
Not the PowerPoint slide you wanted to share
This is DEFINITELY not the PowerPoint slide you want shared at your next project postmortem meeting where you discuss poor estimates of project risk. On the other hand, the next postmortem I have to attend is one of those “…and THAT is why I was standing in the data center in front of the Cisco…