The Daves Collective

Death of the Internet, part XXXXII
2004-01-08 22:06

Bing bong we regret to announce the Internet is broken due to the expiry of a Verisign root certificate. This jiggers yer Java and knackers yer Norton. Groooovy. It explains the repeated 20-sec hangs on starting the Norton firewall which have been bothering me all afternoon. If it wasn't for a couple of Windoze apps I wouldn't have this grief. Because the Norton stuff is Java based, upgrading the JRE fixed it.

Staggeringly, right-clicking in Windoze Explorer produces the same 20-sec hang! It would appear that the notoriously integrated MSIE gets upset over the expiry if you have "check for certificate revocation" checked (as you should) - even though you are not using any certificates that need checking. I'd be willing to bet this is an example of objecthead design, some bloody class constructor probably contains code it shouldn't.

So let's hear it for Sun, who could have been shipping JRE's with new certificates since December 2001, but who have apparently only done so since November 2003. Let's hear it for Symantec, whose software is not directly at fault but who chose to use Java for their product and who are too coy to admit to this problem on their webshite, or to recommend the JRE update as a workround, and whose LiveUpdate has insisted all day that everything is peachy. Let's hear it once again for Microsoft and the integration of MSIE. And let's hear it for Verislime, not the Net's favourite company, who reacted to the collapse of crl.verisign.com by null-routeing it in DNS, thereby temporarily abdicating their position of trust and (for now) making the Net just a little bit less safe.

Oh yes, not to forget, the new certs expire in 2011. Here's to the next time.

For further drivel see the Index