[Geany-Devel] Invalid certificate
Arthur Peka
artur.peka at xxxxx
Sun Oct 25 13:41:59 UTC 2015
In my understanding "invalid" includes "signed by untrusted authority". I'm
no security expert, and for me browser reporting an invalid certificate is
a red flag - I'll have a hard time figuring out that cacert.org are in fact
the "good guys". I believe, this can also turn away some contributors, who
will think the page is abandoned/compromised, without looking into much
details.
As for let's encrypt - they reported several days ago that they are trusted
by major browsers -
https://letsencrypt.org/2015/10/19/lets-encrypt-is-trusted.html. Check
https://helloworld.letsencrypt.org/ - it's trusted.
BR,
Artur.
On Sun, Oct 25, 2015 at 2:35 PM, Frank Lanitz <frank at frank.uvena.de> wrote:
> Am 25.10.2015 um 13:17 schrieb Arthur Peka:
> >
> > some may have already said it, but certificate
> > on https://lists.geany.org is invalid. I guess the one from Let's
> > encrypt could be used (which now seems to be trusted)?
>
> They did a huge step forward, but AFAIK not yet done. By now we are
> using CAcert and the certificate is not invalid only because your
> browser doesn't know the CAcert root certificates¹. It's just untrusted.
>
> However, the plan is, once the are real online we think about migration.
>
> Cheers,
> Frank
>
> ¹ http://www.cacert.org/index.php?id=3
>
> P.S. Sorry, if this might sounded root. Not sure. Wasn't intended. SSL
> is not just the green lock symbol, it's more. Even an selfsigned
> certifcate can, well in most cases it is if you check fingerprints, be
> more trustworthy than a signed one.
>
>
> _______________________________________________
> Devel mailing list
> Devel at lists.geany.org
> https://lists.geany.org/cgi-bin/mailman/listinfo/devel
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.geany.org/pipermail/devel/attachments/20151025/c76a60dd/attachment.html>
More information about the Devel
mailing list