[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-help-public] Re: [gnu.org #406167] savannah.gnu.org has invali
|
From: |
Jeffrey Yasskin |
|
Subject: |
[Savannah-help-public] Re: [gnu.org #406167] savannah.gnu.org has invalid certificate |
|
Date: |
Wed, 21 Jan 2009 10:29:25 -0800 |
On Wed, Jan 21, 2009 at 9:45 AM, Ward Vandewege via RT <address@hidden> wrote:
>> address@hidden - Wed Jan 21 12:18:21 2009]:
>>
>> I just wanted to let you know that going to https://savannah.gnu.org/
>> fails in both Firefox 3.0.5 and Safari 3.2.1 saying that the issuer
>> certificate is unknown. You should fix this to prevent
>> man-in-the-middle attacks.
>
> We know, that was a decision made by the Savannah hackers. The
> certificate is issued by cacert.org. You can talk to
> address@hidden about this.
I'm sure I'm not the first person to run into this. Have you made any
progress in getting the cacert root certificate into major browsers?
If not, could you put a link to an explanation of the SSL warning next
to the login link and any other link into an SSLed page? For that
matter, do you have a description of why you've chosen to confuse your
visitors? http://savannah.gnu.org/tls/ doesn't explain the decision.
Thanks,
Jeffrey
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-help-public] Re: [gnu.org #406167] savannah.gnu.org has invalid certificate,
Jeffrey Yasskin <=