Note that this fix may turn out to be worse than the disease....
Occasionally, a private key gets compromised, and so the corresponding
public key can no longer be trusted. The certificate revocation list is the
mechanism for alerting machines that the old key cannot be trusted and they
must obtain the new one.
If whoever compromised the old one were to use it -- say, to offer some
malware *apparently* signed by Microsoft (an awful lot of people check the
"always trust content from..." box!) -- then none of the remedial steps that
would be taken to rescind the old key would be noticed by machines to which
the below "fix" had been applied.
David Gillett
On 9 Jan 2004 at 21:13, Toomas Piibe wrote:
> It is so for all NAV users. Symantec blames Verisign.
>
> More (from Symantec viewpoint) and fix or workaround
> http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2004010810205113
>
> Workaround is to go Internet Options and disable
> Check for publisher's certificate revocation (under Advanced tab ->Security )
>
> ----- Original Message -----
> From: "Elliott Ryder" <[log in to unmask]>
>
> > *********I have Windows XP and also the 1/5/04 NAV update and have the
> > update shown in the 'miscellaneous' file and do not note the slowdown so
> > perhaps that idea of a strange virus may have something to it.
PCSOFT maintains many useful files for download
visit our download web page at:
http://freepctech.com/downloads.shtml
|