[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-users] https certificates

From: Křištof Želechovski
Subject: Re: [Savannah-users] https certificates
Date: Tue, 15 Mar 2011 15:02:49 +0100
User-agent: KMail/1.13.6 (Linux/; KDE/4.6.0; x86_64; ; )

Dnia wtorek, 16 września 2008 o 19:49:33 Sylvain Beucler napisał(a):
> We've switched to https certificates instead of the previously
> self-signed certificated. offers an alternative way to deliver
> https certificates based on a web of trust - and their software is GPL'd. More
> information at

TL;DR: Please have your certificate signed with StartSSL root [3] too.  The 
certificate is free, as in beer, and it works well with Mozilla Firefox.  In 
short, it certifies that the owner of the certificate could be reached as 
address@hidden at the time when the certificate was issued.  Getting another 
signature does not invalidate the one you already have.

I tired to report a bug against libcdio today.  I am on openSUSE 11.4 and the 
default browser is Mozilla Firefox, so the hyperlink opened in Mozilla Firefox. 
I logged in and I was greeted by the repelling message 
"sec_error_untrusted_issuer" from Firefox similar to the one you describe [2].  
I chose not to import the certificate because I believe the Mozilla Foundation 
has good reasons for not including the CACert by default.

That certificate is not recognised by Firefox, pending audit.  
The audit process is stalled [4] and the perspectives of success in near future 
are grim.

BTW, thank you for publishing a detailed introduction to handling your 
certificate [5], there is no need to quote that if you choose to answer.  For 
the time being, I guess using GNU IceCat would be the best solution for talking 
to you.

Best regards,
[1] <URL: >
[2] <URL: >
[3] <URL: >
[4] <URL: >
[5] <URL: >

reply via email to

[Prev in Thread] Current Thread [Next in Thread]