Lastpass and WOT - problem in CD SSL certificate validation facilities?

[Guest]

[mouse1]

Please see Beta bug report here

Still a problem in 4.0.1.6 release version

Mouse

[Jahn]

I'm having the same problem with WOT. It seems to do with their SSL Certificate. This is what I get when trying to log in:

The security (or SSL) certificate for this website indicates that the organization operating it may not have undergone trusted third-party validation that it is a legitimate business. Although the information passed between you and this website will be encrypted, you have no assurance of who you are actually exchanging information with, and many websites connected to cyber-crimes use this type of security certificate. Prior to exchanging sensitive information including login/password, personal identity information, or financial details such as credit card numbers with any website that generates this warning, you should find some alternative method of validating this business or consider abandoning the transaction./quote]

[mouse1]

Yes I have the same problem and I agree its seems related.

A reasonable solution might be the ability to exempt web sites and the services connected to by add-ons from this check. Changing the SSL settings in preferences does not help. I have checked.

Best wishes

Mouse

[mouse1]

This appears to be a problem with CD's SSL verification. Lastpass does hold extended validation.

I append certificate details for lastpass.com (https://lastpass.com/index.php?ac=1).

This is the message you get in CD:

The security (or SSL) certificate for this website indicates that the organization operating it may not have undergone trusted third-party validation that it is a legitimate business. Although the information passed between you and this website will be encrypted, you have no assurance of who you are actually exchanging information with, and many websites connected to cyber-crimes use this type of security certificate. Prior to exchanging sensitive information including login/password, personal identity information, or financial details such as credit card numbers with any website that generates this warning, you should find some alternative method of validating this business or consider abandoning the transaction.

Best wishes

Mouse

[mouse1]

Last pass is fixed in latest version, but not WOT, which does not have an extended validation certificate.

Mouse

[Sal Amander]

Last pass is fixed in latest version, but not WOT, which does not have an extended validation certificate.

Mouse

No, WOT is not working because it has a DV cert. If it had an OV or EV, then it would work.

[Melih]

No, WOT is not working because it has a DV cert. If it had an OV or EV, then it would work.

Web of Trust...hmm.....yet they use a certificate that has NO TRUST in it...

Melih

[EricJH]

Web of Trust...hmm.....yet they use a certificate that has NO TRUST in it...

Melih

Ironic isn't it?

[Jrun]

All the semantics about "TRUST" is nice and funny, but it doesn't help an end user like me who likes having an extension like WOT. Especially in light of giving up the security of NoScript in FF for this (supposedly more secure) chromium based browser.

[Tags:]