[Geany-Users] Is https://lists.geany.org/cgi-bin/mailman/listinfo/users safe.

Lex Trotman elextr at xxxxx
Wed May 1 09:15:57 UTC 2013 

On 1 May 2013 18:52, Frank Lanitz <frank at frank.uvena.de> wrote:

> Am 01.05.2013 10:47, schrieb Enrico Tröger:
> > On 30/04/13 03:06, Lex Trotman wrote:
> >> On 30 April 2013 08:55, Chris Williams <purplewelshy at googlemail.com>
> wrote:
> >>
> >>>  Sorry I am a newbie and when I try to go to:
> >>>
> >>>  https://lists.geany.org/cgi-bin/mailman/listinfo/users
> >>>
> >>> I get the following error:
> >>>
> >>> *******************************************************************
> >>> This Connection is Untrusted
> >>>
> >>>
> >>>           You have asked Firefox to connect
> >>> securely to lists.geany.org, but we can't confirm that your
> connection is
> >>> secure.
> >>>           Normally, when you try to connect securely,
> >>> sites will present trusted identification to prove that you are
> >>> going to the right place. However, this site's identity can't be
> verified.
> >>>
> >>>           What Should I Do?
> >>>
> >>>             If you usually connect to
> >>> this site without problems, this error could mean that someone is
> >>> trying to impersonate the site, and you shouldn't continu
> >>>
> >>>         lists.geany.org uses an invalid security certificate.
> >>>
> >>> The certificate is not trusted because no issuer chain was provided.
> >>>
> >>> (Error code: sec_error_unknown_issuer)
> >>>
> >>>           If you understand what's going on, you
> >>> can tell Firefox to start trusting this site's identification.
> >>> Even if you trust the site, this error could mean that someone is
> >>> tampering with your connection.
> >>>           Don't add an exception unless
> >>> you know there's a good reason why this site doesn't use trusted
> >>> identification.
> >>> *********************************************************************
> >>>
> >>> Hi Chris,
> >>
> >> Unfortunately this is an argument between firefox and the certificate
> >> provider such that firefox is unwilling to include the particular
> >> certificate provider.  Other browsers such as chrome or even IE (I
> >> understand, I haven't tried myself) do include the certificate provider.
> >>
> >> The best suggestion is to use another browser or install the certificate
> >> providers certificate yourself.
> >
> > Which you can find here:
> > https://www.cacert.org/index.php?id=3
> >
> > A bit more information:
> > Frank Lanitz created this certificate and it is signed by Cacert. To be
> > able to do this, you first need to authenticate yourself to Cacert, in
> > person including an identity check. Frank, and me also, did this. So,
> > this is not just a self-signed certificate to have 'something' for SSL,
> > but a qite good certificate. Even though Mozilla just doesn't consider
> > it good enough to include the root certificate into their browser and
> > other products :(.
>
> Is it a correct time for a little SSL-Mozilla-Bashing?
>

I have gone totally to Chrome, is that bashing enough :)
</you are not paranoid, on the internet they *are* out to get you>

Cheers
Lex




> They do not include CAcert with their Web-of-Trust-based method of
> authentification, but include root-certificates which are known to be
> very week PKI and there are rumors that some of them are ruled be the
> agencies. </paranoid>
>
> Cheers,
> Frank
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.geany.org
> https://lists.geany.org/cgi-bin/mailman/listinfo/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.geany.org/pipermail/users/attachments/20130501/93f7dfc3/attachment.html>

More information about the Users mailing list