> -----Original Message----- > From: Niklas Lemcke - ??? > Sent: Sunday, June 15, 2014 2:40 <snip/> > > > Right now we have a web certificate from StartSSL, with > the validation > > > for a wildcard certificate in progress. Is there any > reason you would > > > consider StartSSL not trusted? > > > > Bad phrasing on my part. I was listing "requirements for a > cert" not saying a > > given cert was from an untrusted CA. > > > > I was un aware from reading the mailing list that there was > progress or even a > > start on the web cert. Good to hear. > > > > I was mentioning it because the current cert is issued to > > https://blade01.coletteral.net, a name based virtual host. > > > https://www.ciphershed.org also serves the ciphershed.org cert. What > page exactly serves the coletteral cert? > Interesting, it seems that you are using a newer extension in TLS than IE (please forgive me, my day job revolves around it) and openssl supports, so the server is sending the generic x509 cert. Firefox, chrome and curl get the "proper" cert. Browsing https://ciphershed.org/ (https://www.ciphershed.org/ redirects to ciphershed.org) From IE / openssl I get: jpyeron@black ~/Desktop $ openssl x509 -text < ciphershed.org.crt Certificate: Data: Version: 3 (0x2) Serial Number: 1014254 (0xf79ee) Signature Algorithm: sha256WithRSAEncryption Issuer: C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Class 1 Primary Intermediate Server CA Validity Not Before: Mar 29 21:04:49 2014 GMT Not After : Mar 30 19:28:06 2015 GMT Subject: C=DE, CN=blade01.coletteral.net/emailAddress=2be90008dcb54152a50b8d75c07d531e.protect@ whoisguard.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (4096 bit) Modulus: 00:b5:b6:b1:0e:79:38:e0:4a:b3:27:0f:e2:c1:08: c2:e0:2e:88:a1:66:f1:02:2c:08:ae:6e:d1:13:5f: 8b:5c:c5:d2:00:ff:b4:e6:bb:57:88:05:0b:21:2e: a0:83:76:f3:ac:dc:96:45:70:3a:79:c0:6b:b5:07: e6:71:d0:82:fa:4e:5c:84:9b:20:9d:33:02:f4:7e: b0:83:82:97:26:6c:c6:8a:8e:17:db:cb:f0:81:93: b0:e3:c4:7c:62:fd:15:d4:a1:32:01:82:22:61:f7: 3f:27:63:04:a2:fe:a0:89:db:dd:8b:ec:e5:79:73: 59:66:45:41:8c:31:67:d4:8c:ef:61:ca:4f:6c:17: b1:68:b6:c1:19:52:a5:f8:0e:8e:fd:ef:41:54:10: ac:6f:ef:78:44:e4:79:0e:0f:a2:e5:4a:84:fd:0a: 3a:97:d2:22:3d:2d:c0:ef:00:5c:3a:9e:e8:01:01: 90:11:8c:9e:f1:a9:5b:49:01:31:96:9d:fc:0b:6a: fe:46:98:3f:a7:ac:3b:47:9f:e0:7c:33:35:e6:8d: 83:69:80:c9:d7:69:1f:69:55:89:dd:b4:9e:76:e2: da:22:0d:2f:10:85:6e:4c:55:78:22:7a:e7:05:26: ac:71:38:09:56:c4:d2:71:f3:fd:e4:22:3b:e1:b6: 4d:b8:13:61:4f:05:c4:ab:4b:0c:a6:43:4f:9d:02: d5:72:ac:41:ae:e2:61:a4:ce:a3:15:d0:49:27:e5: ad:a0:6e:3c:70:d5:d4:f8:01:8b:97:b4:e0:69:f6: be:fe:00:61:50:a7:56:08:3a:6a:8d:03:2a:87:6f: 21:7b:c2:ef:bd:56:9f:5f:d9:aa:6e:eb:4f:b0:e3: ba:86:19:a3:0a:5a:fc:58:48:62:1c:7f:df:1d:a3: ec:0b:86:fe:ca:0e:cd:67:37:93:63:ad:6b:76:0e: 55:eb:a6:94:d9:d1:ef:25:1b:d2:c2:6c:53:a2:ba: f4:36:59:cc:96:ee:ca:00:e3:cf:6e:09:56:ed:d8: ed:d3:c7:20:bc:76:c8:86:61:96:f0:e5:43:a4:c8: 60:a5:8f:59:15:41:b5:f7:68:eb:14:3c:67:07:f6: fb:4a:74:28:91:18:20:56:85:bf:30:83:1a:a0:2e: 50:62:69:9e:d0:4e:ef:39:f9:86:f9:03:d0:54:67: 15:81:fb:d6:9e:a3:11:6d:10:35:90:72:06:47:29: 04:16:ff:21:df:a6:64:38:88:3a:a7:69:e8:94:d3: 80:a1:c2:2e:bd:62:79:20:9f:c7:cb:c4:7c:4c:0f: ae:34:13:19:e9:11:fa:20:8c:fd:1f:c5:a3:cb:f1: b1:b9:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Key Encipherment, Key Agreement X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Subject Key Identifier: 71:B2:41:7C:E2:1B:E2:D4:A3:FC:46:4A:BE:1A:2E:FA:5F:DB:F2:A0 X509v3 Authority Key Identifier: keyid:EB:42:34:D0:98:B0:AB:9F:F4:1B:6B:08:F7:CC:64:2E:EF:0E:2C:45 X509v3 Subject Alternative Name: DNS:blade01.coletteral.net, DNS:coletteral.net X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.23223.1.2.3 CPS: http://www.startssl.com/policy.pdf User Notice: Organization: StartCom Certification Authority Number: 1 Explicit Text: This certificate was issued according to the Class 1 Validation requirements of the StartCom CA policy, reliance only for the intended purpose in compliance of the relying party obligations. X509v3 CRL Distribution Points: Full Name: URI:http://crl.startssl.com/crt1-crl.crl Authority Information Access: OCSP - URI:http://ocsp.startssl.com/sub/class1/server/ca CA Issuers - URI:http://aia.startssl.com/certs/sub.class1.server.ca.crt X509v3 Issuer Alternative Name: URI:http://www.startssl.com/ Signature Algorithm: sha256WithRSAEncryption 9d:a4:95:f1:0c:2a:39:6b:9c:5e:f1:07:b6:c9:2c:8c:81:43: c6:c5:b1:40:df:55:09:79:78:f5:7e:43:65:07:79:f7:d4:03: 72:ff:19:ab:a1:dd:d4:f2:15:2e:af:52:7d:d9:5b:63:ba:e6: f5:e9:f3:fd:2c:1f:10:8b:b1:df:38:39:04:47:72:9c:7d:45: 64:ed:d0:94:20:de:c5:d9:da:09:30:b6:4c:b1:6a:16:9b:cd: 1e:1b:68:46:ad:cc:da:eb:8d:2e:84:89:c6:5d:a1:97:f3:66: 47:38:10:23:40:58:34:23:d3:05:6e:fc:7b:33:36:18:8a:45: 8b:11:31:90:cf:28:01:f0:c2:ff:c8:33:6a:e5:b8:c8:33:21: 9c:fe:52:92:a4:b3:9b:80:0b:30:7e:06:33:d3:82:43:e3:83: 04:cf:41:e1:9b:07:20:22:08:d0:c0:5f:d2:05:5f:7e:6e:6d: ad:69:d9:d6:0a:42:4f:64:e4:b2:77:16:24:d5:d3:af:63:05: 8a:99:a9:91:a2:57:41:16:38:e6:cf:4b:1a:bb:ff:ca:f8:15: ba:1a:05:27:de:58:f5:d1:2e:46:a4:0d:e5:cb:13:ef:06:3f: 1c:24:c9:61:8a:60:37:03:b4:c1:6b:4f:d5:f0:37:55:72:41: 07:ba:48:e5 -----BEGIN CERTIFICATE----- MIIHbTCCBlWgAwIBAgIDD3nuMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTQwMzI5MjEwNDQ5 WhcNMTUwMzMwMTkyODA2WjB2MQswCQYDVQQGEwJERTEfMB0GA1UEAxMWYmxhZGUw MS5jb2xldHRlcmFsLm5ldDFGMEQGCSqGSIb3DQEJARY3MmJlOTAwMDhkY2I1NDE1 MmE1MGI4ZDc1YzA3ZDUzMWUucHJvdGVjdEB3aG9pc2d1YXJkLmNvbTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBALW2sQ55OOBKsycP4sEIwuAuiKFm8QIs CK5u0RNfi1zF0gD/tOa7V4gFCyEuoIN286zclkVwOnnAa7UH5nHQgvpOXISbIJ0z AvR+sIOClyZsxoqOF9vL8IGTsOPEfGL9FdShMgGCImH3PydjBKL+oInb3Yvs5Xlz WWZFQYwxZ9SM72HKT2wXsWi2wRlSpfgOjv3vQVQQrG/veETkeQ4PouVKhP0KOpfS Ij0twO8AXDqe6AEBkBGMnvGpW0kBMZad/Atq/kaYP6esO0ef4HwzNeaNg2mAyddp H2lVid20nnbi2iINLxCFbkxVeCJ65wUmrHE4CVbE0nHz/eQiO+G2TbgTYU8FxKtL DKZDT50C1XKsQa7iYaTOoxXQSSflraBuPHDV1PgBi5e04Gn2vv4AYVCnVgg6ao0D KodvIXvC771Wn1/Zqm7rT7DjuoYZowpa/FhIYhx/3x2j7AuG/soOzWc3k2Ota3YO VeumlNnR7yUb0sJsU6K69DZZzJbuygDjz24JVu3Y7dPHILx2yIZhlvDlQ6TIYKWP WRVBtfdo6xQ8Zwf2+0p0KJEYIFaFvzCDGqAuUGJpntBO7zn5hvkD0FRnFYH71p6j EW0QNZByBkcpBBb/Id+mZDiIOqdp6JTTgKHCLr1ieSCfx8vEfEwPrjQTGekR+iCM /R/Fo8vxsbkXAgMBAAGjggLrMIIC5zAJBgNVHRMEAjAAMAsGA1UdDwQEAwIDqDAT BgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUcbJBfOIb4tSj/EZKvhou+l/b 8qAwHwYDVR0jBBgwFoAU60I00Jiwq5/0G2sI98xkLu8OLEUwMQYDVR0RBCowKIIW YmxhZGUwMS5jb2xldHRlcmFsLm5ldIIOY29sZXR0ZXJhbC5uZXQwggFWBgNVHSAE ggFNMIIBSTAIBgZngQwBAgEwggE7BgsrBgEEAYG1NwECAzCCASowLgYIKwYBBQUH AgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwgfcGCCsGAQUF BwICMIHqMCcWIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MAMCAQEa gb5UaGlzIGNlcnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNjb3JkaW5nIHRvIHRoZSBD bGFzcyAxIFZhbGlkYXRpb24gcmVxdWlyZW1lbnRzIG9mIHRoZSBTdGFydENvbSBD QSBwb2xpY3ksIHJlbGlhbmNlIG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJwb3Nl IGluIGNvbXBsaWFuY2Ugb2YgdGhlIHJlbHlpbmcgcGFydHkgb2JsaWdhdGlvbnMu MDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydDEt Y3JsLmNybDCBjgYIKwYBBQUHAQEEgYEwfzA5BggrBgEFBQcwAYYtaHR0cDovL29j c3Auc3RhcnRzc2wuY29tL3N1Yi9jbGFzczEvc2VydmVyL2NhMEIGCCsGAQUFBzAC hjZodHRwOi8vYWlhLnN0YXJ0c3NsLmNvbS9jZXJ0cy9zdWIuY2xhc3MxLnNlcnZl ci5jYS5jcnQwIwYDVR0SBBwwGoYYaHR0cDovL3d3dy5zdGFydHNzbC5jb20vMA0G CSqGSIb3DQEBCwUAA4IBAQCdpJXxDCo5a5xe8Qe2ySyMgUPGxbFA31UJeXj1fkNl B3n31ANy/xmrod3U8hUur1J92Vtjuub16fP9LB8Qi7HfODkER3KcfUVk7dCUIN7F 2doJMLZMsWoWm80eG2hGrcza640uhInGXaGX82ZHOBAjQFg0I9MFbvx7MzYYikWL ETGQzygB8ML/yDNq5bjIMyGc/lKSpLObgAswfgYz04JD44MEz0HhmwcgIgjQwF/S BV9+bm2tadnWCkJPZOSydxYk1dOvYwWKmamRoldBFjjmz0sau//K+BW6GgUn3lj1 0S5GpA3lyxPvBj8cJMlhimA3A7TBa0/V8DdVckEHukjl -----END CERTIFICATE----- From Firefox, chrome and curl I get: jpyeron@black ~/Desktop $ openssl x509 -text < mail.ciphershed.org.crt Certificate: Data: Version: 3 (0x2) Serial Number: 1108440 (0x10e9d8) Signature Algorithm: sha256WithRSAEncryption Issuer: C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Class 1 Primary Intermediate Server CA Validity Not Before: Jun 5 22:42:33 2014 GMT Not After : Jun 6 08:25:33 2015 GMT Subject: C=DE, CN=mail.ciphershed.org/emailAddress=niklas.lemcke@xxxxxxxxx Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (4096 bit) Modulus: 00:f9:ac:c2:78:b7:21:2a:72:b6:88:eb:c5:70:a9: c9:f1:93:f5:40:2e:a3:ef:85:56:22:75:79:12:a9: 22:9a:dd:01:e8:d3:f7:5e:b9:ad:42:c6:58:71:c1: da:e9:80:5f:76:7c:c4:86:e5:5e:27:49:13:01:bb: fd:81:8c:27:65:4e:16:25:e4:15:bc:65:1c:4d:43: 9a:bf:67:7f:a2:2b:bd:94:9b:03:8d:eb:b6:ae:d9: 72:85:f0:47:a5:b1:f6:7a:15:d0:35:65:5c:43:3f: 7a:f9:22:a7:08:93:4d:2d:ae:e5:3e:f7:13:c3:3a: 2f:27:b9:27:fd:50:5a:d3:84:21:3a:78:10:1e:40: f7:13:db:5a:57:e2:99:a8:65:5e:23:85:16:0c:96: d7:6c:e1:07:15:7c:0a:75:6e:69:d8:b6:61:ee:5b: f4:07:c9:83:0b:87:9c:c9:e0:e4:39:28:35:2a:90: 0c:83:e9:88:7a:e2:76:8c:6d:32:69:ef:f5:21:86: 5d:bd:b0:8d:70:be:08:03:6f:da:ba:de:7c:61:a0: 42:0d:51:45:8b:02:24:10:8f:68:e2:dc:33:11:a0: 4f:e6:20:b8:91:f1:7b:a1:6f:f7:8e:1c:7b:92:e0: aa:94:41:a1:22:a6:cc:bf:a7:19:f1:ae:cf:d7:46: ff:7b:35:8a:9a:59:4d:4d:51:5a:37:5b:d6:f2:bc: 29:ef:49:4e:20:bd:51:5f:19:26:72:5a:cd:e3:63: a1:35:9c:a0:c0:ec:34:aa:28:6d:80:4d:ab:53:cf: fb:e9:b3:32:78:84:1d:ee:99:26:65:43:8f:52:95: ed:f9:74:6d:71:f4:db:02:cc:ab:f1:c5:07:22:a6: cb:bf:1e:eb:d2:91:cb:43:b1:0b:9e:61:2e:ea:2c: fd:42:80:83:16:61:18:5f:24:79:d7:45:96:57:75: b7:65:63:2b:ee:fd:2d:f0:47:cd:a8:6c:7b:56:07: 01:c0:b2:45:6f:82:28:8c:06:74:ac:65:e9:de:7d: 5e:43:c5:c0:d5:15:95:ad:3a:2f:eb:87:0e:9a:c6: 22:dd:3c:c8:01:4b:95:64:b7:6f:86:a5:b3:59:78: e5:01:e9:39:67:fa:af:77:01:e8:5c:fb:83:6f:c3: 54:f9:1e:fb:dc:2a:51:17:4a:60:d3:48:c7:27:4d: 0e:e4:00:27:77:d3:51:22:c2:94:9c:de:71:74:4c: be:e2:fd:54:41:5a:ea:ad:7b:4c:fe:9d:8c:47:c4: 24:c2:7d:86:ba:e0:bf:1e:73:8b:50:2a:c7:e5:88: de:a3:7f:26:ba:c7:eb:a9:a4:70:fb:e0:31:d2:46: 90:34:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Key Encipherment, Key Agreement X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Subject Key Identifier: 2B:B9:BA:21:AB:C0:CA:5A:FD:92:1E:2F:67:FA:86:2A:BA:EE:1A:E3 X509v3 Authority Key Identifier: keyid:EB:42:34:D0:98:B0:AB:9F:F4:1B:6B:08:F7:CC:64:2E:EF:0E:2C:45 X509v3 Subject Alternative Name: DNS:mail.ciphershed.org, DNS:ciphershed.org X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.23223.1.2.3 CPS: http://www.startssl.com/policy.pdf User Notice: Organization: StartCom Certification Authority Number: 1 Explicit Text: This certificate was issued according to the Class 1 Validation requirements of the StartCom CA policy, reliance only for the intended purpose in compliance of the relying party obligations. X509v3 CRL Distribution Points: Full Name: URI:http://crl.startssl.com/crt1-crl.crl Authority Information Access: OCSP - URI:http://ocsp.startssl.com/sub/class1/server/ca CA Issuers - URI:http://aia.startssl.com/certs/sub.class1.server.ca.crt X509v3 Issuer Alternative Name: URI:http://www.startssl.com/ Signature Algorithm: sha256WithRSAEncryption 81:a9:b8:d9:95:d6:5a:c9:67:67:d8:93:de:91:ca:9a:14:8d: 1d:a1:b3:02:43:80:80:bb:5f:8c:72:1f:42:8f:a2:5b:1b:db: 49:09:15:8a:17:b8:c6:24:ce:67:0c:1d:63:37:dd:6b:ef:c0: af:09:6e:db:94:60:04:5b:5a:d1:b3:ee:6f:61:87:e1:17:a7: 02:61:72:6b:01:f2:ab:4a:e2:a4:aa:9a:34:3a:56:0f:d1:11: aa:73:7e:cd:9b:33:ac:27:3e:36:a5:2e:d4:ea:bc:92:23:57: 3d:f6:81:12:67:65:7c:09:07:47:01:09:3c:af:17:34:a7:30: 83:b6:c9:24:e2:1d:7c:d7:ab:b2:e4:9d:58:5a:c2:7c:c3:8f: b5:65:ab:15:3d:e2:21:55:4a:26:5b:e6:34:06:de:1c:c6:e2: 22:f8:a9:92:12:34:85:d5:4b:42:be:b2:a1:82:20:a4:a1:cc: 8a:07:5b:f0:3c:af:e5:e4:d2:04:6d:39:20:26:ff:24:e5:96: 61:92:99:90:c4:46:db:d0:ef:1c:84:f4:da:2b:b3:c1:17:31: 15:de:8c:86:3d:82:93:c4:b3:0e:78:6e:6f:f7:0b:d5:e4:5e: 6c:87:30:ab:2d:12:37:e1:7a:f9:81:1c:9d:3b:76:8f:84:1b: 4b:53:35:10 -----BEGIN CERTIFICATE----- MIIHRzCCBi+gAwIBAgIDEOnYMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTQwNjA1MjI0MjMz WhcNMTUwNjA2MDgyNTMzWjBTMQswCQYDVQQGEwJERTEcMBoGA1UEAxMTbWFpbC5j aXBoZXJzaGVkLm9yZzEmMCQGCSqGSIb3DQEJARYXbmlrbGFzLmxlbWNrZUBnbWFp bC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD5rMJ4tyEqcraI 68Vwqcnxk/VALqPvhVYidXkSqSKa3QHo0/deua1CxlhxwdrpgF92fMSG5V4nSRMB u/2BjCdlThYl5BW8ZRxNQ5q/Z3+iK72UmwON67au2XKF8EelsfZ6FdA1ZVxDP3r5 IqcIk00truU+9xPDOi8nuSf9UFrThCE6eBAeQPcT21pX4pmoZV4jhRYMltds4QcV fAp1bmnYtmHuW/QHyYMLh5zJ4OQ5KDUqkAyD6Yh64naMbTJp7/Uhhl29sI1wvggD b9q63nxhoEINUUWLAiQQj2ji3DMRoE/mILiR8Xuhb/eOHHuS4KqUQaEipsy/pxnx rs/XRv97NYqaWU1NUVo3W9byvCnvSU4gvVFfGSZyWs3jY6E1nKDA7DSqKG2ATatT z/vpszJ4hB3umSZlQ49Sle35dG1x9NsCzKvxxQcipsu/HuvSkctDsQueYS7qLP1C gIMWYRhfJHnXRZZXdbdlYyvu/S3wR82obHtWBwHAskVvgiiMBnSsZenefV5DxcDV FZWtOi/rhw6axiLdPMgBS5Vkt2+GpbNZeOUB6Tln+q93Aehc+4Nvw1T5HvvcKlEX SmDTSMcnTQ7kACd301EiwpSc3nF0TL7i/VRBWuqte0z+nYxHxCTCfYa64L8ec4tQ KsfliN6jfya6x+uppHD74DHSRpA0hwIDAQABo4IC6DCCAuQwCQYDVR0TBAIwADAL BgNVHQ8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFCu5uiGr wMpa/ZIeL2f6hiq67hrjMB8GA1UdIwQYMBaAFOtCNNCYsKuf9BtrCPfMZC7vDixF MC4GA1UdEQQnMCWCE21haWwuY2lwaGVyc2hlZC5vcmeCDmNpcGhlcnNoZWQub3Jn MIIBVgYDVR0gBIIBTTCCAUkwCAYGZ4EMAQIBMIIBOwYLKwYBBAGBtTcBAgMwggEq MC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRm MIH3BggrBgEFBQcCAjCB6jAnFiBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhv cml0eTADAgEBGoG+VGhpcyBjZXJ0aWZpY2F0ZSB3YXMgaXNzdWVkIGFjY29yZGlu ZyB0byB0aGUgQ2xhc3MgMSBWYWxpZGF0aW9uIHJlcXVpcmVtZW50cyBvZiB0aGUg U3RhcnRDb20gQ0EgcG9saWN5LCByZWxpYW5jZSBvbmx5IGZvciB0aGUgaW50ZW5k ZWQgcHVycG9zZSBpbiBjb21wbGlhbmNlIG9mIHRoZSByZWx5aW5nIHBhcnR5IG9i bGlnYXRpb25zLjA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vY3JsLnN0YXJ0c3Ns LmNvbS9jcnQxLWNybC5jcmwwgY4GCCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGG LWh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9zdWIvY2xhc3MxL3NlcnZlci9jYTBC BggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNs YXNzMS5zZXJ2ZXIuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRz c2wuY29tLzANBgkqhkiG9w0BAQsFAAOCAQEAgam42ZXWWslnZ9iT3pHKmhSNHaGz AkOAgLtfjHIfQo+iWxvbSQkVihe4xiTOZwwdYzfda+/Arwlu25RgBFta0bPub2GH 4RenAmFyawHyq0ripKqaNDpWD9ERqnN+zZszrCc+NqUu1Oq8kiNXPfaBEmdlfAkH RwEJPK8XNKcwg7bJJOIdfNersuSdWFrCfMOPtWWrFT3iIVVKJlvmNAbeHMbiIvip khI0hdVLQr6yoYIgpKHMigdb8Dyv5eTSBG05ICb/JOWWYZKZkMRG29DvHIT02iuz wRcxFd6Mhj2Ck8SzDnhub/cL1eRebIcwqy0SN+F6+YEcnTt2j4QbS1M1EA== -----END CERTIFICATE----- -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00.