[Geany-Devel] Invalid certificate

Sun Oct 25 14:12:46 UTC 2015

Ok, glad to hear that.

BR,
Artur.

On Sun, Oct 25, 2015 at 3:58 PM, Frank Lanitz <frank at frank.uvena.de> wrote:

> Hi,
>
> Am 25.10.2015 um 14:41 schrieb Arthur Peka:
> > In my understanding "invalid" includes "signed by untrusted authority".
> > I'm no security expert, and for me browser reporting an invalid
> > certificate is a red flag - I'll have a hard time figuring out
> > that cacert.org <http://cacert.org> are in fact the "good guys". I
> > believe, this can also turn away some contributors, who will think the
> > page is abandoned/compromised, without looking into much details.
>
> I'm aware of this and we dicussed it several times at some of our
> mailinglists. Untrusted != invalid. Unfortunately people don't want to
> understand this so browser developers decided to send in every case "OMG
> we are gonna die"-error warnings and hiding the option "I know what I'm
> doing". It's even getting hard and herder to ack a selfsigned
> certificate from release of release of browser. This is bad. Now in
> default it's easier to trust some company might forced by some
> gouverment or whoever (stock owners maybe) to sign a not valid
> certificate than to trust your very own self created certificate e.g.
> for your personal intranet. But this is another topic and off topic here.
>
> > As for let's encrypt - they reported several days ago that they are
> > trusted by major browsers
> > - https://letsencrypt.org/2015/10/19/lets-encrypt-is-trusted.html. Check
> > https://helloworld.letsencrypt.org/ - it's trusted.
>
> At least I'm aware of this and as Enrico mentioned we will go into
> process of update maybe soon. this was the big step I was referring to.
>
> So tl;dr: There will be an update on this kind of soonish.
>
> Cheers,
> Frank
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.geany.org/pipermail/devel/attachments/20151025/085bc07c/attachment-0001.html>