rhs blog
Richard Schwartz's Web Log
Powered by Lotus Notes & Domino 6



rhs blog is being phased out

Please visit The Power of The Schwartz


penumbra logo Penumbra Bloggers
Dan Fredricksen (rss)
Melissa Gena (rss)
Carolyn Kraut (rss)
Ben Langhinrichs (rss)
Henry Newberry (rss)
Rob Novak (rss)
Rocky Oliver (rss)
Andrew Pollack (rss)

notes logo Domino Bloggers
3C Interop (rss)
Airplay (rss)
Gaston Annebicque (rss)
Andrew Barker (rss)
Robert Basic (rss)
Chris Bekas (rss)
Alan Bell (rss)
Brian Benz (rss)
Ray Bilyk (rss)
Olaf Björklund (rss)
David Bockes (rss)
Michael Braly (rss)
Chris Brandlehner (rss)
Breaking Par (rss)
Ed Brill (rss)
Bill Buchan
Sean Burgess (rss)
Christoper Byrne (rss)
Curt Carlson (rss)
Rune Carlson
Colman Carpenter (rss)
Jerry Carter (rss)
Steve Castledine (rss)
Ferdy Christant (rss)
Chris Coates (rss)
CodeStore (rss)
Patrick Corey (rss)
Jack Dausman (rss)
Ray Davies (rss)
Laurent deWalick (rss)
Dave Dickey (rss)
Almar Diehl (rss)
Frank Docherty (rss)
Domino-IT (rss)
Dragon
Thomas Duff (rss)
Bruce Elgort (rss)
Warren Elsmore (rss)
Ed Falcon
Jens-Christian Fischer (rss)
Wolfgang Flamme (rss)
Dan Fredricksen (rss)
Nathan Freeman (rss)
From Domino (rss)
Melissa Gena (rss)
Nick Goddard (rss)
Mike Golding (rss)
Neil Gower (rss)
Mac Guidera (rss)
David Gurteen
Mike Hamner (rss)
Christopher Harvey (rss)
John Hawkins (rss)
John Head (rss)
Henning Heinz (rss)
Alex Hernandez
Anthony Hicks
Kurt Higley (rss)
Roy Holder (rss)
Jake Howlett
InsideLotus (rss)
Jochen Tinn (rss)
Jon Johnston (rss)
Johan Känngård (rss)
Tony Kelleran (rss)
Chris King (rss)
Justin Knol (rss)
Hynek Kobělka (rss)
Heinz Ulrich Krause (rss)
Carolyn Kraut (rss)
Francois Lafleur (rss)
Neill Laney (rss)
Ben Langhinrichs (rss)
Justin Lauder (rss)
Chris Linfoot (rss)
Joe Litton (rss)
LNDCentral (rss)
Martin Los (rss)
Gonzo Lotusphere (rss)
Declan Lynch (rss)
Eric Mack (rss)
Brian Mahoney (rss)
John Z. Marshall (rss)
Rob McDonagh (rss)
Kathleen McGivney (rss)
Ian McNairn (rss)
Dave Meehan (rss)
Chris Miller (rss)
Stephen Mitchell (rss)
Paul Mooney (rss)
Mike Munnis (rss)
Dave Navarre (rss)
Captain Nelson (rss)
Henry Newberry (rss)
News4Notes (rss)
Tom Nichols
Fabian Nirman
Keith Nolan (rss)
Tom O'Neil (rss)
Bob Obringer (rss)
Rocky Oliver (rss)
Tony Ollivier (rss)
Devin Olson (rss)
Nuno Pereira (rss)
Bruce Perry (rss)
Andrew Pollack (rss)
Ben Poole (rss)
Kevin Presseault (rss)
Colin Pretorius (rss)
Project DX (rss)
Jack Ratcliff (rss)
Niel Revelle (rss)
Julian Robichaux (rss)
Stan Rogers (rss)
John Roling (rss)
Ben Rose (rss)
Jeremy Schwab
Libby "NotesGirl" Schwarz (rss)
Nik Shenoy (rss)
Matt Smith (rss)
Michael Sobczak (rss)
Lance Spellman (rss)
Philip Storry (rss)
Jess Stratton (rss)
Keith Strickland (rss)
Chris Toohey
Carl Tyler (rss)
Erwin van Hunen (rss)
John Vaughan (rss)
Maurice Verhagen (rss)
Florian Vogler (rss)
Michael Wagner (rss)
Volker Weber (rss)
Websphere Portal Notebook (rss)
Paul Westlake (rss)
Matt White (rss)
Colin Williams (rss)
Stephan Wissel (rss)
Ed Wrenbeck
Rob Wunderlich (rss)

Other Bloggers
Jeremy Allaire (rss)
Dave Barry
Ned Batchelder (rss)
Matthew Berk (rss)
Hiawatha Bray
Dan Bricklin (rss)
Bob Congdon (rss)
Cool Tools (rss)
Mark Cuban (rss)
David Pogue (rss)
Howard Dean
Peter DeHaas (rss)
Gary Devendorf (rss)
Esther Dyson
Bruce Eckel (rss)
Miguel Estrada (rss)
Amitai Etzioni
Bob Frankston & David Reed (rss)
Adam Gaffin (rss)
Dan Gillmor (rss)
Steve Gillmor (rss)
Gary Hart
Charles Hudson (rss)
Chris Kagy (rss)
Mitch Kapor (rss)
Damien Katz (rss)
Lawrence Lessig (rss)
Pete Lyons (rss)
Many to Many (rss)
Joshua Marshall (rss)
Ross Mayfield (rss)
Measure Twice (rss)
Michael Moore
Peter O'Kelly (rss)
Ray Ozzie (rss)
Sebastian Paquet
John Patrick (rss)
Jonathan Peterson (rss)
Tom Peters (rss)
Mark Pilgrim (rss)
Glenn Reynolds
Steve Rubel (rss)
Sam Ruby (rss)
Pito Salas (rss)
Michael Sampson (rss)
Andrew Samwick (rss)
David Schatsky (rss)
Kevin Schofield (rss)
Jonathon Schwartz (rss)
Robert Scoble (rss)
Clay Shirky (rss)
Smart Mobs
SocialText Blog (rss)
Joel "on Software" Spolsky (rss)
Jon Udell (rss)
Venture Blog
Wil Wheaton (rss)
Andy Williams Affleck (rss)
Dave Winer
Amy Wohl
Tom Yager (rss)
Steve ?

notes logo Notes & Domino
Penumbra Group LDD OpenNTF
Lotus Software IBM FAQ

notes logo Domino Blogging
FreeDom Blog Dom Blog
BlogSphere DominoBlog

RHS On The Web
RHS Consulting Home Page
Links To This Page

On www.lotus.com...
 Lotusphere 2003 Preview

On www.advisor.com...
 Lotusphere 2002
    Reports 1 2 3
 Domino Designer 5
 The Notes C++ API
 .NET and Domino
 LotusScript Coaching
 Tips 'n Tricks

On LDD Today (www.notes.net)....
 Lotusphere 2003
    Reports 1 2 3 4
 Field Encryption
 Frames in 4.6
 Domino Architecture,
    Parts 1 and 2
 Bruce's Article on
    Objects

This Explains My Verisign Hits Yesterday

I was looking at my googles last night (due to Ed, Rocky, and Libby's posts reviewing theirs), and oddly enough there had been an unusual spike in google hits over the past two days. In the past 48 hours, I have gotten an amazing number of hits for "crl.verisign.com" in combination with a boatload of different other search words. Now I know why. See this CNET article about the expiration of Verisign's ICA certs, which occurred on Wednesday. I've written several articles about Verisign in the past, and I responded to a post about crl.verisign.com on Michael Braly's blog, and I've got that response linked in my Recent Responses block. This seems to have raised up my page rank on this subject, and a bunch of people who have been running into problems due to certificate expiration have found their way here.

So, if you're getting error messages or seeing unusual firewall activity regarding crl.verisign.com, first of all be aware that I'm not really an authority on this sort of stuff but I believe I do understand it pretty well and I am quite comfortable with saying that I don't think there are any security risks or any shenanigans on Verisign's part going on -- for a change. This is just one of those things that happens as a result of good security policies built into PKI, and administrators not keeping their systems up to date. If you want further info, read the CNET article, read the explanation from Verisign. read the instructions for updating your certificates from Verisign, and read instructions from IBM if you are a Domino admin, and finally read this explanation from RSA of what certificate revocation lists are.

Update: Another CNET article indicates that the expiration of the Verisign certs blew up Norton AntiVirus and through Norton it also blew up Word and Excel. The article also goes on to explain the connection between the certificate expiration and the certificate revocation lists on the crl.verisign.com server. Apparently the expiration of the certificates caused lots of software to fall into logic that checks for certicate revocation, overloading the crl server. Symantec has published a workaround for Norton AntiVirus users experiencing this problem.

Update 2Andy Oram blogged on the O'Reilly site, drawing an interesting parallel between the Verisign/Norton issue and monoculture issues. I can't agree, however, and I posted a response. As much as I wouldn't really mind having another reason to bash Verisign, this really could have happened to any CA that doesn't have adequate infrastructure. Oh wait ;-) It's a reason to bash Verisign after all ;-)

Update 3Now, here's The Register's story about the dead Verisign certificate.




Discussion | Post Response


This Explains My Verisign Hits Yest... ( 9-Jan-04)
. . RE : This Explains My Verisign Hits... ( 9-Jan-04)
My Company An Association of Lotus Business Partners That I Helped Found
I contributed to this book
Previous MonthJan05
1234567
891011121314
15161718192021
22232425262728
293031

By Category
Blogs, Social Software & Collaboration
Business, Processes & Methods
Computer Industry News
Diversions
Events, Presentations & Awards
IBM, Lotus, Notes & Domino
Law and Technology
News, Politics, Issues, Opinion
Personal
Pet Peeves
Programming
Projects - Blog Aggregator
Projects - RSS Feed Generator
QuickBlogs
Spam & Security
Systems And Networking
Technology & Science
Tips - Programming
Travel & Food
Tributes


Recent Blog Responses
Nathan Freeman: App Store
Keith Brooks: Journaling
Phil Simon: Notes search
Chris Miller: Evals part 2
Chris Miller; Evals part 1
Andrew Pollack: Hosted
Andre Guirard: Case
Ben L: All Characters
Darren Duke: Transaction Log
vowe: Feed patent
vowe: Medals
Amy B.: Crucial

Really Useful Blog Entries
Volker Weber's: devWorks Live links
Mike Golding's CSS Buttons
Kalsey: Button Maker
McKnight: Steal These Buttons
Kalsey: CSS Tabs

Required Reading
Joel on Software - Strategy Letter V
Understanding Notes and Its Developers
Rise of the Stupid Network
Dijkstra: Programming as a Human Activity
Fred Brooks: No Silver Bullet
Ken Thompson: Trusting Trust
Paul Graham: Hackers and Painters
Paul Graham: Lots of Stuff About Spam
notestips.com :: Homepage Best Practises
Shirky: A Group Is Its Own Worst Enemy
Joel On Software: Stupidity
Intranet Journal: Content Owners & Developers
Chris Linfoot: Email Disclaimers
Jack Dausman: Server ID Security
Jim McCarthy: 21 Rules of Thumb

What's All This About Social Software?
Social Software Alliance Wiki
Guardian: Social climbers
Headshift: Smarter, Simpler Social
Many-to-Many: Social Software
Shirky: Politics of Groups
Smart Mobs: Historical Roots
Coates: Working Definition
Corante: Earliest Use of the Term
Corante: Why Social Software?
Corante: Why Now?
Shirky: IM Rulz
Stowe Boyd: -Are You Ready?
Many-to-Many: Communities and Networks

Noters & Domino 6 Bible Mentions
Volker Weber: What a fat book
Ray Davies: Comment
Joe Litton: Welcome Rocky!

Contact Info
email - Email
aim - AIM
home - Personal Home Page
home - RHS Consulting Home Page

Search
Javascript required for search

Legal
Attribution required. Permission required for commercial use.

Translation