[Geany-Users] Is https://lists.geany.org/cgi-bin/mailman/listinfo/users safe.

Enrico Tröger enrico.troeger at xxxxx
Wed May 1 08:47:46 UTC 2013 

On 30/04/13 03:06, Lex Trotman wrote:
> On 30 April 2013 08:55, Chris Williams <purplewelshy at googlemail.com> wrote:
> 
>>  Sorry I am a newbie and when I try to go to:
>>
>>  https://lists.geany.org/cgi-bin/mailman/listinfo/users
>>
>> I get the following error:
>>
>> *******************************************************************
>> This Connection is Untrusted
>>
>>
>>           You have asked Firefox to connect
>> securely to lists.geany.org, but we can't confirm that your connection is
>> secure.
>>           Normally, when you try to connect securely,
>> sites will present trusted identification to prove that you are
>> going to the right place. However, this site's identity can't be verified.
>>
>>           What Should I Do?
>>
>>             If you usually connect to
>> this site without problems, this error could mean that someone is
>> trying to impersonate the site, and you shouldn't continu
>>
>>         lists.geany.org uses an invalid security certificate.
>>
>> The certificate is not trusted because no issuer chain was provided.
>>
>> (Error code: sec_error_unknown_issuer)
>>
>>           If you understand what's going on, you
>> can tell Firefox to start trusting this site's identification.
>> Even if you trust the site, this error could mean that someone is
>> tampering with your connection.
>>           Don't add an exception unless
>> you know there's a good reason why this site doesn't use trusted
>> identification.
>> *********************************************************************
>>
>> Hi Chris,
> 
> Unfortunately this is an argument between firefox and the certificate
> provider such that firefox is unwilling to include the particular
> certificate provider.  Other browsers such as chrome or even IE (I
> understand, I haven't tried myself) do include the certificate provider.
> 
> The best suggestion is to use another browser or install the certificate
> providers certificate yourself.

Which you can find here:
https://www.cacert.org/index.php?id=3

A bit more information:
Frank Lanitz created this certificate and it is signed by Cacert. To be
able to do this, you first need to authenticate yourself to Cacert, in
person including an identity check. Frank, and me also, did this. So,
this is not just a self-signed certificate to have 'something' for SSL,
but a qite good certificate. Even though Mozilla just doesn't consider
it good enough to include the root certificate into their browser and
other products :(.


Regards,
Enrico

-- 
Get my GPG key from http://www.uvena.de/pub.asc

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.geany.org/pipermail/users/attachments/20130501/065bc9b1/attachment.pgp>

More information about the Users mailing list