[Geany-Users] Is https://lists.geany.org/cgi-bin/mailman/listinfo/users safe.

Frank Lanitz frank at xxxxx
Wed May 1 08:52:32 UTC 2013 

Am 01.05.2013 10:47, schrieb Enrico Tröger:
> On 30/04/13 03:06, Lex Trotman wrote:
>> On 30 April 2013 08:55, Chris Williams <purplewelshy at googlemail.com> wrote:
>>
>>>  Sorry I am a newbie and when I try to go to:
>>>
>>>  https://lists.geany.org/cgi-bin/mailman/listinfo/users
>>>
>>> I get the following error:
>>>
>>> *******************************************************************
>>> This Connection is Untrusted
>>>
>>>
>>>           You have asked Firefox to connect
>>> securely to lists.geany.org, but we can't confirm that your connection is
>>> secure.
>>>           Normally, when you try to connect securely,
>>> sites will present trusted identification to prove that you are
>>> going to the right place. However, this site's identity can't be verified.
>>>
>>>           What Should I Do?
>>>
>>>             If you usually connect to
>>> this site without problems, this error could mean that someone is
>>> trying to impersonate the site, and you shouldn't continu
>>>
>>>         lists.geany.org uses an invalid security certificate.
>>>
>>> The certificate is not trusted because no issuer chain was provided.
>>>
>>> (Error code: sec_error_unknown_issuer)
>>>
>>>           If you understand what's going on, you
>>> can tell Firefox to start trusting this site's identification.
>>> Even if you trust the site, this error could mean that someone is
>>> tampering with your connection.
>>>           Don't add an exception unless
>>> you know there's a good reason why this site doesn't use trusted
>>> identification.
>>> *********************************************************************
>>>
>>> Hi Chris,
>>
>> Unfortunately this is an argument between firefox and the certificate
>> provider such that firefox is unwilling to include the particular
>> certificate provider.  Other browsers such as chrome or even IE (I
>> understand, I haven't tried myself) do include the certificate provider.
>>
>> The best suggestion is to use another browser or install the certificate
>> providers certificate yourself.
> 
> Which you can find here:
> https://www.cacert.org/index.php?id=3
> 
> A bit more information:
> Frank Lanitz created this certificate and it is signed by Cacert. To be
> able to do this, you first need to authenticate yourself to Cacert, in
> person including an identity check. Frank, and me also, did this. So,
> this is not just a self-signed certificate to have 'something' for SSL,
> but a qite good certificate. Even though Mozilla just doesn't consider
> it good enough to include the root certificate into their browser and
> other products :(.

Is it a correct time for a little SSL-Mozilla-Bashing?
They do not include CAcert with their Web-of-Trust-based method of
authentification, but include root-certificates which are known to be
very week PKI and there are rumors that some of them are ruled be the
agencies. </paranoid>

Cheers,
Frank


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.geany.org/pipermail/users/attachments/20130501/939feac5/attachment.pgp>

More information about the Users mailing list