Dosoveride
Mon Oct 27 21:56:06 CST 2003
it could happen for a few reasons:
1: the user created the SSL certificate themselves. This is cheap, allows
encryption, but doesn't establish the trust relationship that is the basis
of SSL for e-commerce.
2: The certificate's DNS name doesn't match the DNS that is using the
certificate. Not too big. If (1) doesn't apply, and it's the same domain
like *.microsoft.com (for a time, maybe still now, the win update did this
after MSBlaster.A hit it as a zombie Denial of Service.) It's not as big an
issue. It the domain completely moved, check the ARIN db for matching
owners. If that's the case, not good as per (1), but not too bad either.
If verisign issued it, there might be a verisign seal. click on that and
you'll see some other info.
3: Someone is spoofing the certificate and trying to pass the site off as
somthing it isn't.
"anonymous" <anonymous@discussions.microsoft.com> wrote in message
news:087e01c3991b$b0d93ee0$a101280a@phx.gbl...
> I get this same validation certificate is not valid
> from ING. Which is strange because ING has commercials
> on TV all the time. The bus stop bench ones. So far I
> just pick ok and enter the site. One year so far with no
> problems.
>
> Once 2 months ago I searched the ING site and found
> the customer service and sent ? email. No response so
> far.
>
>
> >-----Original Message-----
> >when going into certain sites I get security alert pop
> up
> >saying my validation certificate is not valid....on the
> >Halifax.co .uk web site,this says it could be because I
> >was using IE4 OR IE5 but it is IE6 I have??....the
> >certificates seem to be from VERISIGN
> >
> >.
> >