Blogger’s Notice: The following material was plagiarized from a movie script to make the blogger’s point for him. Any resemblance to named companies and technologies is definitely intentional. No animals were harmed in the cutting-and-pasting of this satire.
General Verisign: You want informed browsing?
Cruisin’Consumer: I think I’m entitled to it.
General Verisign: You want Base64 encoded X.509 with DER Signature Algorithm: md5WithRSAEncryptioncertificate?
Cruisin’Consumer: I want information!
General Verisign: You can’t have information! Son, we live in a world that has browsers. And those browsers have to be guarded by SSL. Who’s gonna do it? You? You, Lt. HTTP?
SSL has a greater responsibility than you can possibly fathom. You weep for credit card holders and you curse the phishers. You have that luxury. You have the luxury of not knowing what I know: that phishing, while tragic, probably sold more certificates. And my existence, while grotesque and incomprehensible to you, sells certificates.
You can’t have information. Because deep down, in places WE don’t talk about at parties, WE want SSL in your browser. WE need SSL in your browser. You use words like helpful and usable. We avoid them during earnings calls spent defending our valuation.
I have neither the time nor the inclination to explain “07:fa:4c:69:5c:fb:95″ to people who bing and tweet under the very padlock I provide, then question the manner in which I provide it! I’d rather you just said “Green Bar Equal Happy” and went on your way.
Otherwise, I suggest you
struct {
HandshakeType msg_type;
uint24 length;
select (HandshakeType) {
case hello_request: HelloRequest;
case client_hello: ClientHello;
case server_hello: ServerHello;
case certificate: Certificate;
case server_key_exchange: ServerKeyExchange;
case certificate_request: CertificateRequest;
case server_hello_done: ServerHelloDone;
case certificate_verify: CertificateVerify;
case client_key_exchange: ClientKeyExchange;
case finished: Finished;
} body;
} Handshake;Either way, I don’t give a damn what you think you’re entitled to!
Cruisin’Consumer: Did you create EV?
General Verisign: I did the job my investors sent me to do.
Cruisin’Consumer: Did you create EV?
General Verisign: You’re goddamn right I did!
Cruisin’Consumer: Oh. Now, exactly what the hell is EV? And come to think of it, what is SSL?
[Fade to fraud]
Filed under: certificate authorities, phishing, security, security humor, ssl
