-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi folks,
Am Di den 31. Jan 2017 um 19:35 schrieb Klaus Ethgen: > the SSL certificate for website devuan.org is invalid again and does not > match the one in TLSA record. That problem gets serious now. I even cannot access www.devuan.org anymore. On all pages I get certificate mismatch. There seems to be one that is impersonalizing devuan.org with a faked Let's Encrypt certificate. The Fingerprint I get currently from the website is: CF:C6:BE:F8:22:E5:30:16:3A:50:3B:1A:B8:99:FC:9D:83:B3:E5:38 And tlsa verification gives: ~> tlsa --verify www.devuan.org FAIL (Usage 3 [DANE-EE]): Certificate offered by the server does not match the TLSA record (46.105.191.76) FAIL (Usage 3 [DANE-EE]): Certificate offered by the server does not match the TLSA record (2001:41d0:8:2c55::a1) As the impersonating uses a Let's encrypt certificate I think it is a more sever problem than just that my side would be tampered. Regards Klaus - -- Klaus Ethgen http://www.ethgen.ch/ pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen <[email protected]> Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C -----BEGIN PGP SIGNATURE----- Comment: Charset: ISO-8859-1 iQGzBAEBCgAdFiEEMWF28vh4/UMJJLQEpnwKsYAZ9qwFAlie0D0ACgkQpnwKsYAZ 9qwlNwwAsnBMgJMneXjX7k51MOSoKKKOsOAf+fm3htpoUnVDIEqy3eP6vpdJ1QP1 yI6WhgkW20xMNlflOd2H6ubg/MTaY+CrmVPPfUt911+1yqilQRp8GGtMiLtL0aLf XRaFGU2XOWkJ9Y5yS4SO6ZBn/O0OBsKB+Lq4JGgH1CKhe9IVvzmnCCeT6NgILtdj fxm1ptxRwa7md3RM4wjq4XluC/wAkf4vsp6h907/CMcuoZUI6j1R8H1qT56OGQM1 N/u/WlZRhCr27xp1JhTBxnMCgzFxw2LcZ1vBedkSuCvLnZFP2kmUbAVX1b8uSInb ftTD9NA51gTv3v7obubPLnQy1t+lRyWnubWGz84Fkn8r//FGQRhLGIf+wEexyvKj 0LC9y40yteYAiLpxAEjaQcmw3zsjwBdUsQhLB6rgcgf5e7Gshf72muhlMws/4eyS C8lrLWbdKOfWArapcIEg2D6YmxsCGKX8uHeedBIrf7X5i+Sxw7+ks1VL/jr/SLjd cwTPHAOu =9mHF -----END PGP SIGNATURE----- _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
