Bitcoin Forum
December 10, 2016, 07:23:53 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: Dwolla's SSL certificate has been revoked  (Read 5251 times)
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 03:03:18 AM
 #21

Link doesn't work for me; Serial that I have is ‎2b 2c b5 6f 09 3c 54 a0 f9 49 37 69 55 eb c2 20 Huh

link works OK;

Verify Certificate Common Name:   www.dwolla.com 
Status:   Revoked 
Validity (GMT):   Jun 21, 2011 - Jun 20, 2013 
Class:   Digital ID Class 3 - Extended Validation SGC FreeReplacement 
Organization:   Dwolla Corp. 
Organizational Unit:   Online Services
Terms of use at www.verisign.com/rpa (c)05
 
State:   Iowa 
City/Location:   Des Moines 
Country:   US 
Serial Number:   2b2cb56f093c54a0f949376955ebc220 
Issuer Digest:   027604bed5c781846325897410d66ecc 

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
1481354633
Hero Member
*
Offline Offline

Posts: 1481354633

View Profile Personal Message (Offline)

Ignore
1481354633
Reply with quote  #2

1481354633
Report to moderator
1481354633
Hero Member
*
Offline Offline

Posts: 1481354633

View Profile Personal Message (Offline)

Ignore
1481354633
Reply with quote  #2

1481354633
Report to moderator
1481354633
Hero Member
*
Offline Offline

Posts: 1481354633

View Profile Personal Message (Offline)

Ignore
1481354633
Reply with quote  #2

1481354633
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481354633
Hero Member
*
Offline Offline

Posts: 1481354633

View Profile Personal Message (Offline)

Ignore
1481354633
Reply with quote  #2

1481354633
Report to moderator
1481354633
Hero Member
*
Offline Offline

Posts: 1481354633

View Profile Personal Message (Offline)

Ignore
1481354633
Reply with quote  #2

1481354633
Report to moderator
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 03:04:27 AM
 #22

Looks like they are already on it. New entry just appeared;

Verify Certificate Common Name:   www.dwolla.com  
Status:   Pending Renewal  
Validity (GMT):   Jul 22, 2012 - Jul 22, 2014  
Class:   Digital ID Class 3 - Extended Validation SGC Renewal  
Organization:   Dwolla Corp.  
Organizational Unit:   Online Services
Terms of use at www.verisign.com/rpa (c)05
 
State:   Iowa  
City/Location:   Des Moines  
Country:   US  
Serial Number:   2c34739c28b93ac00ea3009662affcff  
Issuer Digest:   0d0a7f5229e7dacc9b3bbfb77bb9fc6a  


If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
July 22, 2012, 03:06:15 AM
 #23

link works OK;

Continue session
Error
Due to inactivity and for security reasons, your user session has timed out. Click Continue to go to the VeriSign home page.

   

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 03:09:03 AM
 #24

link works OK;

Continue session
Error
Due to inactivity and for security reasons, your user session has timed out. Click Continue to go to the VeriSign home page.

   


ahh, did not see the session ID on my end. hehe.

Just put www.dwolla.com in the search here;
https://securitycenter.verisign.com/celp/enroll/searchCertDetails?

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
July 22, 2012, 03:10:35 AM
 #25

ahh, did not see the session ID on my end. hehe.

Just put www.dwolla.com in the search here;
https://securitycenter.verisign.com/celp/enroll/searchCertDetails?
System Unavailable

The system is currently not available. Please retry your request later.

 Tongue Grin
I'm guessing you have a login somewhere?

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 03:13:40 AM
 #26

ahh, did not see the session ID on my end. hehe.

Just put www.dwolla.com in the search here;
https://securitycenter.verisign.com/celp/enroll/searchCertDetails?
System Unavailable

The system is currently not available. Please retry your request later.

 Tongue Grin
I'm guessing you have a login somewhere?
bastards ;p

https://securitycenter.verisign.com/celp/enroll/outsideSearch?application_locale=VRSN_US

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
EnergyVampire
Full Member
***
Offline Offline

Activity: 210



View Profile
July 22, 2012, 03:56:13 AM
 #27

Dwolla on Twitter (23 minutes ago):

"Working with our partners at @verisign and @symantec to look into a certificate issue some of our users are reporting. Still secure.

Edit: Linky www.twitter.com/dwolla/status/226882115516653568

sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 03:58:26 AM
 #28

Dwolla on Twitter (23 minutes ago):

"Working with our partners at @verisign and @symantec to look into a certificate issue some of our users are reporting. Still secure.

I wonder if someone manged to guess their passphrase on verisign and hit revoke on it? Seems unlikely, but otherwise this is some really strange 'issue'..


Anyone with a cert of there own able to verify that just hitting 'options' and then entering your passphrase will give one the option to revoke from there on Verisign?

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
Gabi
Legendary
*
Offline Offline

Activity: 1050


View Profile
July 22, 2012, 01:12:24 PM
 #29

Same message here on my Firefox

sec_error_revoked_certificate

 Undecided
niko
Hero Member
*****
Offline Offline

Activity: 742


There is more to Bitcoin than bitcoins.


View Profile
July 22, 2012, 03:08:55 PM
 #30

The issue is still there. According to Firefox, the certificate has been revoked. According to Android browser, it is valid, and the page loads. Doesn't Android check for revoked certificates?!

They're there, in their room.
Your mining rig is on fire, yet you're very calm.
Phinnaeus Gage
Legendary
*
Offline Offline

Activity: 1302


Bitcoin: An Idea Worth Spending


View Profile
July 22, 2012, 03:21:35 PM
 #31

I wonder if this is having any effect on pirateat40's business model.  Grin
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 04:22:00 PM
 #32

 WWW.DWOLLA.COM     Pending Renewal   Digital ID Class 3 - Extended Validation SGC Renewal   Jul 22, 2012 to Jul 22, 2014 
  WWW.DWOLLA.COM     Revoked   Digital ID Class 3 - Extended Validation SGC Renewal   Jun 21, 2011 to Jun 6, 2013 
  WWW.DWOLLA.COM     Revoked   Digital ID Class 3 - Extended Validation SGC FreeReplacement   Jun 21, 2011 to Jun 20, 2013 


I'm assuming from the 'free replacement' that is listed this happened to them before.  Their new one is still pending.

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
Soros Shorts
Donator
Legendary
*
Offline Offline

Activity: 1459



View Profile
July 22, 2012, 05:35:17 PM
 #33

Looks like it is working now with a GoDaddy Class 2 cert. Probably a temporary fix until they get their green-bar cert working again.
DublinBrian
Full Member
***
Offline Offline

Activity: 197


View Profile
July 22, 2012, 07:11:38 PM
 #34

Call me a conspiracy theorist, but I believe this is The Powers That Be (TPTB) using their influence at Verisign to interfere with bitcoin.

A few months ago, I have had similar problems with Firefox telling me that the certificates were not valid on the Intersango, Mt Gox, and btc-e.com.

Even today, my android phone will not let me use MtGox Mobile app due to some problem with the certificate.

IMO TPTB use certificates authorities and anti-virus software like Norton to implement a casual form of website blacklisting.
unclemantis
Member
**
Offline Offline

Activity: 98


(:firstbits => "1mantis")


View Profile
July 22, 2012, 07:20:17 PM
 #35

Call me a conspiracy theorist, but I believe this is The Powers That Be (TPTB) using their influence at Verisign to interfere with bitcoin.

A few months ago, I have had similar problems with Firefox telling me that the certificates were not valid on the Intersango, Mt Gox, and btc-e.com.

Even today, my android phone will not let me use MtGox Mobile app due to some problem with the certificate.

IMO TPTB use certificates authorities and anti-virus software like Norton to implement a casual form of website blacklisting.

This is why we need to develop the DarkNet real freaking quick.

PHP, Ruby, Rails, ASP, JavaScript, SQL
20+ years experience w/ Internet Technologies
Bitcoin OTC | GPG Public Key                                                                               thoughts?
Astro
Sr. Member
****
Offline Offline

Activity: 242



View Profile
July 22, 2012, 07:33:03 PM
 #36

Call me a conspiracy theorist, but I believe this is The Powers That Be (TPTB) using their influence at Verisign to interfere with bitcoin.

A few months ago, I have had similar problems with Firefox telling me that the certificates were not valid on the Intersango, Mt Gox, and btc-e.com.

Even today, my android phone will not let me use MtGox Mobile app due to some problem with the certificate.

IMO TPTB use certificates authorities and anti-virus software like Norton to implement a casual form of website blacklisting.

Ridiculous.  When "TPTB" start giving a shit about Bitcoin, they won't interfere with some passive-aggressive certificate revocation scheme.  They'll come at it with guns blazing.
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 07:47:33 PM
 #37

Call me a conspiracy theorist, but I believe this is The Powers That Be (TPTB) using their influence at Verisign to interfere with bitcoin.

A few months ago, I have had similar problems with Firefox telling me that the certificates were not valid on the Intersango, Mt Gox, and btc-e.com.

Even today, my android phone will not let me use MtGox Mobile app due to some problem with the certificate.

IMO TPTB use certificates authorities and anti-virus software like Norton to implement a casual form of website blacklisting.

Ridiculous.  When "TPTB" start giving a shit about Bitcoin, they won't interfere with some passive-aggressive certificate revocation scheme.  They'll come at it with guns blazing.

not to mention isn't bitcoin only a small part of Dwolla's business?  It is still possible someone has it out for Dwolla but who that may be is anyones guess.

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
Gabi
Legendary
*
Offline Offline

Activity: 1050


View Profile
July 22, 2012, 07:48:47 PM
 #38

Call me a conspiracy theorist, but I believe this is The Powers That Be (TPTB) using their influence at Verisign to interfere with bitcoin.

A few months ago, I have had similar problems with Firefox telling me that the certificates were not valid on the Intersango, Mt Gox, and btc-e.com.

Even today, my android phone will not let me use MtGox Mobile app due to some problem with the certificate.

IMO TPTB use certificates authorities and anti-virus software like Norton to implement a casual form of website blacklisting.
Stay calm, here is the solution about the certificates problem http://perspectives-project.org/
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
July 22, 2012, 07:52:48 PM
 #39

Call me a conspiracy theorist, but I believe this is The Powers That Be (TPTB) using their influence at Verisign to interfere with bitcoin.

A few months ago, I have had similar problems with Firefox telling me that the certificates were not valid on the Intersango, Mt Gox, and btc-e.com.

Even today, my android phone will not let me use MtGox Mobile app due to some problem with the certificate.

IMO TPTB use certificates authorities and anti-virus software like Norton to implement a casual form of website blacklisting.
Stay calm, here is the solution about the certificates problem http://perspectives-project.org/

how does one know they can trust the 'network notary' server? It seems like one more point of potential breach to me to bypass the CA's and then rely on yet another place for verification of SSL certs. Granted I did not read through to see how they address the trust issue.

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
paraipan
Legendary
*
Offline Offline

Activity: 924


Firstbits: 1pirata


View Profile WWW
July 22, 2012, 08:10:58 PM
 #40

Call me a conspiracy theorist, but I believe this is The Powers That Be (TPTB) using their influence at Verisign to interfere with bitcoin.

A few months ago, I have had similar problems with Firefox telling me that the certificates were not valid on the Intersango, Mt Gox, and btc-e.com.

Even today, my android phone will not let me use MtGox Mobile app due to some problem with the certificate.

IMO TPTB use certificates authorities and anti-virus software like Norton to implement a casual form of website blacklisting.
Stay calm, here is the solution about the certificates problem http://perspectives-project.org/

how does one know they can trust the 'network notary' server? It seems like one more point of potential breach to me to bypass the CA's and then rely on yet another place for verification of SSL certs. Granted I did not read through to see how they address the trust issue.

I think this quote clears it out...


Quote
Perspectives takes a different approach to how the web browser determines if an SSL certificate is valid.  Instead of requiring browser users to trust an anointed group of certificate authorities, Perspectives gives users the ability to pick a group they trust (e.g., the EFF, Google, their company, their university, their group of friends, etc.) and trust no one else.

How is this possible?  Perspectives has a decentralized model that let’s anyone run one or more “network notary servers”.  A network notary server is connected to the Internet and regularly monitors websites to build a history of the SSL certificate used by each site.  Notary servers or groups of notary servers may be operated by public organizations, private companies, or even individuals.

Rather than validating an SSL certificate by checking for certificate authority approval, with Perspectives the browser validates a certificate by checking for consistency with the certificates observed by the network notaries over time.  With network notary servers spread around the world and keeping a history of data, it is VERY hard for an attacker to launch a man-in-the-middle attack (see our academic paper for a full security analysis).

Just like a user picks which search engine their browser will use, they user can also choose what group(s) of network notaries they will trust.  The user him/herself  can choose whether they trust Comodo, the U.S government, the Chinese government, or not.  And because all notary data is public, the quality of different network notaries can be measured and evaluated by anyone, creating a market for better security.


BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!