Fixing An Internet Explorer Security Alert
By Dave Taylor
Expert Author
Article Date: 2010-12-08
Here's an interesting mystery for you: I wrote an article with this title back in 2005, with the original question thusly:
"Dave, I was hoping you could help on this really security alert that keeps on coming up every time I go on the Internet. The alert states the following:
Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate. The security certificate was issued by a company you have chosen not to trust. View the certificate to determine whether you want to trust the certifying authority. The certificate is valid and the security certificate has a valid name matching the name of the page you are trying to view.
I would be very grateful if you could help stop this security alert from appearing in future."
My original answer actually talked about how to remove the offending certificate:
"You should see the publisher listed that's causing you such problems. On my screen, I have two certificates from Microsoft, published by VeriSign, as you can see. Just delete the entries here by clicking on each one to select it, then clicking "Remove"."
Turns out that was bad advice, and dangerous at that.
After it was called to my attention by some diligent, attentive readers, I added the following warning:
Important Update: Microsoft has issued a notice explaining that there was an erroneous certificate issued by its certificate authority and that you should not, in fact, delete the certificate as I suggest above. Please go and read this tech note at the Microsoft site before you take any action: Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard.
That wasn't enough for some readers, however, so in mid-2008 I went ahead and deleted the article entirely from my site, rather than have bad - or dangerous - information misinterpreted and applied to someone's PC.
Even though I have a disclaimer at the bottom of the page about the site being for entertainment purposes (can you say "advice from a lawyer"?) it's still my goal to offer the best and most accurate advice I can. If it's wrong and the fix doesn't solve the problem, I'll axe an article rather than potentially trip people up...
Which is why it was such a surprise today -- December 2010 -- when I got the following email from a reader:
Hi I found a lot of links online for this page:
http://www.askdavetaylor.com/how_do_i_tell_internet_explorer_to_trust_a_security_certificate.html
It no longer seems to be on your site... is there an updated version?
To remind myself what had happened, I used the terrific Wayback Machine to see what earlier versions of the page had been archived. Its display:
(slightly modified image to be more readable here on the blog, btw)
Seeing the difference between the original page that came online in Oct, 2005 and the last version on the page in 2008 before I deleted it helped me remember what's going on.
The moral? Everything on the Web is permanent, and the Internet has a long memory, even for mistakes...
Comments
About the Author:
Dave Taylor is known as an expert on both business and technology issues.
Holder of an MSEd and MBA, author of twenty books and founder of four
startups, he also runs a marketing company and consults with firms
seeking the best approach to working with weblogs and social networks. Dave
is an award-winning speaker and frequent guest on radio and podcast
programs.
AskDaveTaylor.com
http://www.intuitive.com/blog/
|
