[Dshield] betaplace.com

Thomas J. Jablonowski T.Jablonowski at boop.us
Sat Dec 6 02:43:44 GMT 2003


Just a heads up (not seeing the original message) www.betaplace.com is in
the process of being migrated to a sub-site of the microsoft.com domain
during the early part of this month. Messages were sent out to users
notifying them of this.

-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Johannes B. Ullrich
Sent: Friday, December 05, 2003 21:07
To: list at dshield.org
Subject: [Dshield] betaplace.com

-------
Preamble: This is a very confusing issue. In order to avoid more confusion,
I am sending this post ahead of other replies. I usually don't hold other
posts back. But I would like to avoid confusion.
All other posts, if they agree or not, will be approved shortly.
--------


'www.betaplace.com' is an authentic site operated by Microsoft.

However, I agree that it is confusing. The 'https' version is using an SSL
certificate, which is signed by "Microsoft Secure Server Authority". My
browser (Mozilla), does not include this as a trusted certificate.

The evidence that tipped me off that it may be a valid Microsoft site was
whois information. A colleague pointed out that 'betaplace.com'
uses Microsoft name servers. Another piece of evidence that this site is
legit.

A word about 'https' and SSL.
(this is very brief and incomplete. if someone knows a good url, please
post)

SSL is based on hierarchic "trust". Your browser includes a number of
trusted certificates. Usually about a dozen. These include well known
companies like Verisign, Globaltrust, Thawte and such, which are in the
business of signing SSL certificates.

If you run a secure web site, you generate a certificate, and send it to one
of these companies to have it signed. The companies will check that you are
authorized to have this certificate and will sign it if they think it is
correct.

Microsoft decided to ship its own certificate with Internet Explorer, in
addition to the standard certificates (Verisign...). Microsoft can use
this for sites which they only need to authorize to Internet Explorer users.

I think for all other purposes, Microsoft uses one of the regular companies
to have its certificates signed.

 

-- 
CTO SANS Internet Storm Center               http://isc.sans.org
phone: (617) 786 1563            
  fax: (617) 786 1550                          jullrich at sans.org
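
The trust-store behaviour described in the quoted message, reproduced locally as an added example that is not part of either post: one site certificate is accepted by a store that ships the signing root and rejected by a store that does not. It assumes the openssl command-line tool is installed; the names PublicRootCA, VendorPrivateCA and site.example.test are constructed for the illustration.

```shell
#!/bin/sh
# Added example: every key and certificate here is constructed locally.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_root NAME: create a self-signed root, i.e. a "trusted certificate"
# of the kind a browser ships in its store.
make_root() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# sign_site ROOT HOST: generate a key and signing request for HOST,
# then have ROOT sign the request.
sign_site() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$WORK/$2.csr" -days 1 \
        -CA "$WORK/$1.pem" -CAkey "$WORK/$1.key" -CAcreateserial \
        -out "$WORK/$2.pem" 2>/dev/null
}

# issuer_of CERT: print who signed CERT (the first thing to check on a warning).
issuer_of() {
    openssl x509 -noout -issuer -in "$1"
}

# trusted_by STORE CERT: succeed only if CERT chains to a root inside STORE.
trusted_by() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

make_root PublicRootCA
make_root VendorPrivateCA
sign_site VendorPrivateCA site.example.test
SITE="$WORK/site.example.test.pem"

# Store A ships both roots; store B ships only the public one.
cat "$WORK/PublicRootCA.pem" "$WORK/VendorPrivateCA.pem" > "$WORK/storeA.pem"
cp "$WORK/PublicRootCA.pem" "$WORK/storeB.pem"

issuer_of "$SITE"
for s in storeA storeB; do
    if trusted_by "$WORK/$s.pem" "$SITE"; then
        echo "$s: certificate trusted"
    else
        echo "$s: unknown issuer, a browser with this store would warn"
    fi
done
```

A warning from the second store says only that the issuer is absent from that store; it does not by itself show whether the site is authentic, which is why the post falls back on whois and name-server evidence.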



