In my understanding "invalid" includes "signed by untrusted authority". I'm no security expert, and for me a browser reporting an invalid certificate is a red flag - I'll have a hard time figuring out that cacert.org are in fact the "good guys". I believe this can also turn away some contributors, who will think the page is abandoned/compromised, without looking into much detail.
As for Let's Encrypt - they reported several days ago that they are trusted by major browsers - https://letsencrypt.org/2015/10/19/lets-encrypt-is-trusted.html. Check https://helloworld.letsencrypt.org/ - it's trusted.

BR,
Artur.

On Sun, Oct 25, 2015 at 2:35 PM, Frank Lanitz <fr...@frank.uvena.de> wrote:

> On 25.10.2015 at 13:17, Arthur Peka wrote:
> >
> > some may have already said it, but the certificate
> > on https://lists.geany.org is invalid. I guess the one from Let's
> > Encrypt could be used (which now seems to be trusted)?
>
> They took a huge step forward, but AFAIK they are not yet done. By now we are
> using CAcert and the certificate is not invalid only because your
> browser doesn't know the CAcert root certificates¹. It's just untrusted.
>
> However, the plan is, once they are really online, we think about migration.
>
> Cheers,
> Frank
>
> ¹ http://www.cacert.org/index.php?id=3
>
> P.S. Sorry if this might have sounded rude. Not sure. Wasn't intended. SSL
> is not just the green lock symbol, it's more. Even a self-signed
> certificate can, well in most cases it is if you check fingerprints, be
> more trustworthy than a signed one.
>
>
> _______________________________________________
> Devel mailing list
> Devel@lists.geany.org
> https://lists.geany.org/cgi-bin/mailman/listinfo/devel