[SSL Observatory] Perspectives on Convergence of EFF, EPIC, SSL, TOR, NSA, ET CETERA

Ralph Holz holz at net.in.tum.de
Wed Nov 9 04:44:40 PST 2011


Hi,

> If you're worried about raising red flags by experimenting with a
> high-profile domain like twitter.com, you're welcome to try to spoof
> danielgillmor.com (a domain i control) instead.

I've just checked the local policies at TUM:

http://ca.in.tum.de/policies/servercapol.html

In essence, they ask me to provide a paper form where I state why I want
the cert and for what, plus they say that the DN always has a certain
form. The hostname, in particular, seems to follow certain rules (leaf
udner *tum.de etc.).

Still, I could give the guys a phone call and see what they say...

Ralph

-- 
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.eff.org/pipermail/observatory/attachments/20111109/51f21d5c/attachment.sig>


More information about the Observatory mailing list