On Wed, Apr 05, 2017 at 10:37:34AM +0200, Florian Zieboll wrote: [cut]
> > It would be great to have the PGP-signed fingerprints of any used > certificate published at "status.devuan.org" or so. > > BTW, status.devuan.org has a certificate issue as well. > Florian, certificates are based on FQDNs, as you know. Now it happens that *.devuan.org points to the same webserver where www.devuan.org is hosted (with a few notable exceptions), and you can't have a certificate for any possible FQDN that matches *.devuan.org. Or better, you can, but it would not be that useful in the end, IMHO. Hence, if you type crap.devuan.org in your browser, you will get a certificate problem. Same with bonkers.devuan.org. Same with abcdefg.devuan.org. Same with this.is.not.a.joke.devuan.org.... I agree that it would be good to have a place (it could be even something like status.devuan.org) where the latest available certificate for each website in the devuan.org infrastructure are published. HND KatolaZ -- [ ~.,_ Enzo Nicosia aka KatolaZ - GLUGCT -- Freaknet Medialab ] [ "+. katolaz [at] freaknet.org --- katolaz [at] yahoo.it ] [ @) http://kalos.mine.nu --- Devuan GNU + Linux User ] [ @@) http://maths.qmul.ac.uk/~vnicosia -- GPG: 0B5F062F ] [ (@@@) Twitter: @KatolaZ - skype: katolaz -- github: KatolaZ ]
signature.asc
Description: Digital signature
_______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
