UPDATE: (sent 0008 GMT)
By way of introduction I am the technical director for the PIP/SeatBelt project here at Verisign. You are seeing this message because you are a SeatBelt user and you need to update your SB with the latest configuration file. This afternoon we updated our EV cert on the server which requires you to update the configuration file used by SeatBelt (you should have been prompted to do this).
To update please do the following:
1) In Firefox go to: Tools->Add-ons
2) Find SeatBelt and click on it once to highlight.
3) Click on Options
4) Go to the tab “OpenID Providers” and click on the Update button.
5) Close and reopen Firefox and you should be all set.
If this does not work prior to step 1 clear your browser cache and then follow the steps.
Let me know if you have any issues.
Thanks,
Gary.
——————————————————————–
At the time of writing I was able to get signed into the Personal Identity Portal (PIP) site.
Though, I still get these two warnings when signing in:
Warning, an attempt to check your OpenID Provider login status returned an invalid SSL certificate.and
It appears you are attempting to visit ‘pip.verisignlabs.com’. However, the web site certificate for this Provider does not validate. VeriSign recommends you do not trust this site.I found the Personal Identity Portal by Verisign Labs quite a while back. I love it so much that I have it set as my home page.
(Firefox actually crashed at this point initially when I opened a tab to check out the FAQ of the PIP)
The basic premise of the PIP account is two fold.
1. It provides you with an OpenID.
2. It acts as a safe for lots of common log ons. It’s One Click Sign-in is a great idea. (though it takes more than one click now!)
Many people may recognise the name of Verisign from general internet browsing, as a recognised name in internet security.
And this is the main reason I wrote this post. They failed (in my opinion) at their own job.
I first tweeted this first earlier when I tried to sign in.
Verisign FAIL! http://www.flickr.com/photo…I posted a few photos in my Flickr showing what words couldn’t describe.
I’d make this post more coherent but my brain has turned to mush.
Filed under: Tech, general, observation | 11 Comments
Tags: security
My frustration is that not enough site support OpenID. Great functionality, just not adopted enough yet sadly.
Exactly, I think it’s a great idea but also there are far too many sites trying to do it! You end up with more than one Open ID!
I have:
Google
WordPress
Flickr
Yahoo
and the PIP Verisign one!
Hi doug!
Comment.
Do you want me to point the irony in here?
Verisign used to sell those SSL Certs which got expired.
Get global. Shame globally!
@Larry – brilliant contribution. I’ll give you 10 cool points for that!
@Rey – Hi! and thanks for checking this out.
@Aldrin – That’s basically what I was pointing out, a security certificate company whose own security certificates have expired. My mind wasn’t 1005 when I wrote this so I didn’t actually say as much.
Well, actually you were the first relevant blog hit about that. Shame it will only happen with a couple of users which fired firefox between the expiry and the replacing (here is the original pic when the cert expired – seems they replaced, thus only the warnings)
I think they need to replace the cert in my PIP then. Useful I can sign in again but annoy about the warnings that should not be there.
I tweeted about this too. I thought it was the weirdest thing for a certificate to expire from a company that issues certs. Like you I’m still getting the warnings, which shouldn’t happen.
Thinks its a verisign fail. too. But is it a security issue? Checking certificate now. I must not have had enough coffee, I can’t make heads or tails of which certificate is which.
Doug,as I have no bloody idea what you are discussing here, it was ironic wit by default. I will stay tuned and perhaps learn something.