Irony: thawte.com insecure?

I was trying to download some root certificates from thawte, and Firefox gave me this error:

XSS attempt from thawte.com

Thawte is the second biggest public certificate authority in the world. Their entire raison d’être is internet security. I see there being three posibilities here:

they really do have an XSS vulnerability on their site
their site is badly written so as to confuse NoScript
there’s a bug in NoScript that causes a false positive on the Thawte web site

Any of the three is the height of irony.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

%d bloggers like this:

Cut The Chatter, Red Two

Comments on skepticism, technology, sports, and whatever else I feel like.

Irony: thawte.com insecure?

Leave a Reply Cancel reply

Share this:

Like this:

Related

Leave a Reply Cancel reply