September/October 2018 issue of acmqueue The September/October issue of acmqueue is out now

Subscribers and ACM Professional members login here


  Download PDF version of this article PDF

Error 526 Ray ID: 47c028ee99f9c5ee • 2018-11-19 05:08:36 UTC

Invalid SSL certificate








What happened?

The origin web server does not have a valid SSL certificate.

What can I do?

If you're a visitor of this website:

Please try again in a few minutes.

If you're the owner of this website:

The SSL certificate presented by the server did not pass validation. This could indicate an expired SSL certificate or a certificate that does not include the requested domain name. Please contact your hosting provider to ensure that an up-to-date and valid SSL certificate issued by a Certificate Authority is configured for this domain name on the origin server. Additional troubleshooting information here.


Originally published in Queue vol. 11, no. 1
see this item in the ACM Digital Library



Rich Bennett, Craig Callahan, Stacy Jones, Matt Levine, Merrill Miller, Andy Ozment - How to Live in a Post-Meltdown and -Spectre World
Learn from the past to prepare for the next battle.

Arvind Narayanan, Jeremy Clark - Bitcoin's Academic Pedigree
The concept of cryptocurrencies is built from forgotten ideas in research literature.

Geetanjali Sampemane - Internal Access Controls
Trust, but Verify

Thomas Wadlow - Who Must You Trust?
You must have some trust if you want to get anything done.


(newest first)

Paul Pathiakis | Sun, 31 Mar 2013 17:23:09 UTC


Informative (very), well-written, well-presented and quite incisive. It makes me want to understand MAC framework on a deeper level. The history and future of the MAC framework seems to be quite robust and comprehensive. Although the two vendors of note, Apple and Juniper, are mentioned to be using it and contributing back to the community, are there any other of the known, large corporate vendors (EMC's Isilon, NetApp, Cisco, etc) doing the same? How much overhead does this level of object control come with? (It seems that it would impose quite a bit, however, due to the 'options MAC' allowing you to pick and choose the modules to be kernel loaded at boot time, an administrator or security manager could impose restrictions on only certain functionality/objects, true?) Also, for readers who are not aware of the basics:

blymn | Thu, 31 Jan 2013 12:33:42 UTC

Just a minor historical note - the Junos signed binary execution was based on the verifiedexec feature from NetBSD. Juniper ported the code from NetBSD to FreeBSD and extended the capabilities to change the system from a executable validation system into one that supported signed binaries - something that NetBSD could not do at the time for lack of a BSD licenced crypto framework due to the framework having to be embedded into the kernel and all kernel code having to be BSD licenced.

Leave this field empty

Post a Comment:

© 2018 ACM, Inc. All Rights Reserved.