Dear Richard,
--------------------------------------------
From: Richard Hipp <d...@sqlite.org>
Sent: Fri, 5 Dec 2014 13:59:15 -0500
To: fossil-dev@lists.fossil-scm.org
Subject: Re: [fossil-dev] Fossil-scm.org SSL login mismatch
>
On Fri, Dec 5, 2014 at 1:47 PM, Jungle Boogie <jungleboog...@gmail.com>
wrote:
Dear Richard,
--------------------------------------------
From: Richard Hipp <d...@sqlite.org>
Sent: Fri, 5 Dec 2014 13:22:40 -0500
To: fossil-dev@lists.fossil-scm.org
Subject: Re: [fossil-dev] Fossil-scm.org SSL login mismatch
While we're talking about SSL, can Fossil support HSTS, disabling SSL v3,
forward secrecy?
In as much as I have no idea what that is, probably not.
Can I make it a feature request to disable SSL v1-3?
Thanks,
JB
On Fri, Dec 5, 2014 at 11:30 AM, Jungle Boogie <jungleboog...@gmail.com>
wrote:
Hello All,
I'm not certain if this is expected behavior or an issue with the website
but when browsing to https://fossil-scm.org/index.html/login
(I would personally say the former)
Google Chrome tells me:
our connection is not private
Attackers might be trying to steal your information from fossil-scm.org
(for example, passwords, messages, or credit cards).
This server could not prove that it is fossil-scm.org; its security
certificate is from sqlite.org. This may be caused by a misconfiguration
or an attacker intercepting your connection.
However, prefixing the domain with a www. works:
https://www.fossil-scm.org/index.html/login
--
inum: 883510009027723
sip: jungleboo...@sip2sip.info
xmpp: jungle-boo...@jit.si
_______________________________________________
fossil-dev mailing list
fossil-dev@lists.fossil-scm.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/fossil-dev
