Re: [tlug] cacert question

["Stephen J. Turnbull" <stephen@example.com>]

Raymond Wan writes:

 > Opps...  :-)  I've clicked OK sometimes, too, but never for 
 > use with a credit card.  Usually to do something that (I 
 > think) is harmless like reading forums or some other text. 
 > Always makes me wonder why they went to the trouble of 
 > getting a certificate that isn't authorized or is no longer 
 > valid for something that seems harmless.

I click OK regularly, because my university uses a Japanese root
authority that isn't in Firefox's default list yet.  (I could fix that
locally, but it amuses me to click on the fairly infrequent occasions
I need to use that site. :-)

 > > If you still have that receipt with all but the last 4 digits,
 > > I'll be happy to give this merchant a call and explain them (or
 > > their upstream provider) about PCI DSS requirement 3.3 for
 > > masking (leaving at most the first 6 and last 4 digits)

Heh.  Good luck with MUFG (that's Tokyo Mitsubishi Bank).  They only
mask the last three digits on the statement.