Re: https everywhere update - dlang.org gets an "A" now!

2015-12-11 Thread Basile B. via Digitalmars-d-announce
On Friday, 11 December 2015 at 21:22:06 UTC, Basile B. wrote: On Wednesday, 2 December 2015 at 22:17:20 UTC, Walter Bright wrote: Dlang.org gets an "A" now! Thanks to Jan Knepper's efforts. https://www.youtube.com/watch?v=OqkYr5uIreg=youtu.be=49s we're safe...

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-11 Thread Basile B. via Digitalmars-d-announce
On Wednesday, 2 December 2015 at 22:17:20 UTC, Walter Bright wrote: Dlang.org gets an "A" now! Thanks to Jan Knepper's efforts. https://www.youtube.com/watch?v=OqkYr5uIreg=youtu.be=49s

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-11 Thread Basile B. via Digitalmars-d-announce
On Friday, 11 December 2015 at 21:24:07 UTC, Basile B. wrote: On Friday, 11 December 2015 at 21:22:06 UTC, Basile B. wrote: On Wednesday, 2 December 2015 at 22:17:20 UTC, Walter Bright wrote: Dlang.org gets an "A" now! Thanks to Jan Knepper's efforts.

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-08 Thread Sönke Ludwig via Digitalmars-d-announce
Now also certified (Let's Encrypt made this really straight forward): https://code.dlang.org/ https://forum.rejectedsoftware.com/ https://vibed.org/ All pass with an A for the ssllabs.com test. I'll also setup default HTTP->HTTPS redirects.

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-07 Thread Kapps via Digitalmars-d-announce
On Monday, 7 December 2015 at 14:38:39 UTC, Steven Schveighoffer wrote: On 12/6/15 11:32 AM, Marc Schütz wrote: On Sunday, 6 December 2015 at 14:17:18 UTC, Steven Schveighoffer wrote: On 12/6/15 3:29 AM, Adil Baig via Digitalmars-d-announce wrote: +1 Same error. This part may help : This

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-07 Thread Steven Schveighoffer via Digitalmars-d-announce
On 12/6/15 11:32 AM, Marc Schütz wrote: On Sunday, 6 December 2015 at 14:17:18 UTC, Steven Schveighoffer wrote: On 12/6/15 3:29 AM, Adil Baig via Digitalmars-d-announce wrote: +1 Same error. This part may help : This server could not prove that it is *www.dlang.org *;

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-07 Thread Chris Wright via Digitalmars-d-announce
On Mon, 07 Dec 2015 14:48:52 +, Kapps wrote: > On Monday, 7 December 2015 at 14:38:39 UTC, Steven Schveighoffer wrote: >> I'm surprised it wouldn't. I wouldn't think a redirect would need to be >> encrypted. >> >> -Steve > > It does. Otherwise you could bypass HTTPS entirely by replacing the

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-06 Thread Steven Schveighoffer via Digitalmars-d-announce
On 12/6/15 3:29 AM, Adil Baig via Digitalmars-d-announce wrote: +1 Same error. This part may help : This server could not prove that it is *www.dlang.org *; its security certificate is from*dlang.org * * * You will need a wild-card certificate (cheaper)

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-06 Thread Marc Schütz via Digitalmars-d-announce
On Sunday, 6 December 2015 at 14:17:18 UTC, Steven Schveighoffer wrote: On 12/6/15 3:29 AM, Adil Baig via Digitalmars-d-announce wrote: +1 Same error. This part may help : This server could not prove that it is *www.dlang.org *; its security certificate is from*dlang.org

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-06 Thread Adil Baig via Digitalmars-d-announce
+1 Same error. This part may help : This server could not prove that it is *www.dlang.org *; its security certificate is from*dlang.org * You will need a wild-card certificate (cheaper) or a certificate that allows multiple domain names (more expensive,

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-06 Thread lobo via Digitalmars-d-announce
On Sunday, 6 December 2015 at 05:12:29 UTC, mattcoder wrote: On Wednesday, 2 December 2015 at 22:17:20 UTC, Walter Bright wrote: Dlang.org gets an "A" now! Thanks to Jan Knepper's efforts. This is what I get when I try: https://www.dlang.org/ "Your connection is not private Attackers might

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-06 Thread Kapps via Digitalmars-d-announce
On Sunday, 6 December 2015 at 08:29:07 UTC, Adil Baig wrote: +1 Same error. This part may help : This server could not prove that it is *www.dlang.org *; its security certificate is from*dlang.org * You will need a wild-card certificate (cheaper) or a

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-05 Thread mattcoder via Digitalmars-d-announce
On Wednesday, 2 December 2015 at 22:17:20 UTC, Walter Bright wrote: Dlang.org gets an "A" now! Thanks to Jan Knepper's efforts. This is what I get when I try: https://www.dlang.org/ "Your connection is not private Attackers might be trying to steal your information from www.dlang.org (for

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-05 Thread deadalnix via Digitalmars-d-announce
Forum widgets are broken on the home page.

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-04 Thread Saurabh Das via Digitalmars-d-announce
On Wednesday, 2 December 2015 at 22:17:20 UTC, Walter Bright wrote: On 11/24/2015 10:59 AM, David Nadlinger wrote: > On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: >> [...] proper >> [...] fully https! > > There are a number of issues with how SSL is set up on the server, from

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-03 Thread Jacob Carlborg via Digitalmars-d-announce
On 2015-12-04 02:38, Brad Anderson wrote: It's unfortunate it didn't come a bit sooner because now the NSA knows I read the entire DUB JSON thread, much to my shame. You can expect a bill for "Wasting Time" in the mail anytime soon now :) -- /Jacob Carlborg

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-03 Thread Brad Roberts via Digitalmars-d-announce
On 12/3/2015 6:55 PM, David Nadlinger via Digitalmars-d-announce wrote: On Friday, 4 December 2015 at 02:29:52 UTC, Brad Roberts wrote: I'm glad that letsencrypt is out there doing the publicity, but getting and using ssl certs has been free via startssl for several years now. What this new

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-03 Thread Brad Anderson via Digitalmars-d-announce
On Wednesday, 2 December 2015 at 22:17:20 UTC, Walter Bright wrote: https://www.ssllabs.com/ssltest/analyze.html?d=dlang.org=on Dlang.org gets an "A" now! Thanks to Jan Knepper's efforts. Nice work by Jan. I know how big of a hassle things like this can be so taking the time to actually do

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-03 Thread David Nadlinger via Digitalmars-d-announce
On Wednesday, 2 December 2015 at 22:17:20 UTC, Walter Bright wrote: https://www.ssllabs.com/ssltest/analyze.html?d=dlang.org=on Dlang.org gets an "A" now! Thanks to Jan Knepper's efforts. Thanks! Also displays as https in Chrome now.  — David

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-03 Thread Brad Roberts via Digitalmars-d-announce
On 12/3/15 5:38 PM, Brad Anderson via Digitalmars-d-announce wrote: On Wednesday, 2 December 2015 at 22:17:20 UTC, Walter Bright wrote: https://www.ssllabs.com/ssltest/analyze.html?d=dlang.org=on Dlang.org gets an "A" now! Thanks to Jan Knepper's efforts. Nice work by Jan. I know how big of

Re: https everywhere update - dlang.org gets an "A" now!

2015-12-03 Thread David Nadlinger via Digitalmars-d-announce
On Friday, 4 December 2015 at 02:29:52 UTC, Brad Roberts wrote: I'm glad that letsencrypt is out there doing the publicity, but getting and using ssl certs has been free via startssl for several years now. What this new group is doing is the PR and marketing to get people to do it, of course

Re: https everywhere!

2015-11-30 Thread Kapps via Digitalmars-d-announce
On Saturday, 28 November 2015 at 04:17:19 UTC, Martin Nowak wrote: On Tuesday, 24 November 2015 at 08:48:58 UTC, Vladimir Panteleev wrote: Sorry, I'm not going to pay for my own SSL certificate :) You'll either have to share, or wait until Let's Encrypt goes live and I get around to setting it

Re: https everywhere!

2015-11-27 Thread Martin Nowak via Digitalmars-d-announce
On Tuesday, 24 November 2015 at 08:48:58 UTC, Vladimir Panteleev wrote: Sorry, I'm not going to pay for my own SSL certificate :) You'll either have to share, or wait until Let's Encrypt goes live and I get around to setting it up. You could either get a free startssl certificate

Re: https everywhere!

2015-11-27 Thread Vladimir Panteleev via Digitalmars-d-announce
On Saturday, 28 November 2015 at 04:17:19 UTC, Martin Nowak wrote: On Tuesday, 24 November 2015 at 08:48:58 UTC, Vladimir Panteleev wrote: Sorry, I'm not going to pay for my own SSL certificate :) You'll either have to share, or wait until Let's Encrypt goes live and I get around to setting it

Re: https everywhere!

2015-11-27 Thread Martin Nowak via Digitalmars-d-announce
On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: I'm pleased to announce that Jan Knepper has gotten us some proper certificates now, and dlang.org and digitalmars.com are now fully https! Glad to hear that as it's a requirement to host installer scipts and our gpg keyring

Re: https everywhere!

2015-11-25 Thread Joseph Rushton Wakeling via Digitalmars-d-announce
On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: I'm pleased to announce that Jan Knepper has gotten us some proper certificates now, and dlang.org and digitalmars.com are now fully https! Trying to access https://forum.dlang.org/ I get a "This Connection Is Untrusted" page

Re: https everywhere!

2015-11-25 Thread deadalnix via Digitalmars-d-announce
On Tuesday, 24 November 2015 at 19:13:22 UTC, duff wrote: On Tuesday, 24 November 2015 at 18:59:39 UTC, David Nadlinger wrote: Compare this e.g. to issues.dlang.org, which achieves a solid A grade (although it uses a SHA-1 intermediary certificate, which will lead to issues soon):

Re: https everywhere!

2015-11-24 Thread Walter Bright via Digitalmars-d-announce
On 11/24/2015 10:59 AM, David Nadlinger wrote: There are a number of issues with how SSL is set up on the server, from misconfiguration and/or outdated software: https://www.ssllabs.com/ssltest/analyze.html?d=dlang.org=on Compare this e.g. to issues.dlang.org, which achieves a solid A grade

Re: https everywhere!

2015-11-24 Thread Walter Bright via Digitalmars-d-announce
On 11/24/2015 12:55 AM, Vladimir Panteleev wrote: This change could've been done with some community communication, no? Then we could've gone into this prepared. Jan just turned off the automatic http: => https: redirect. That will keep the site working as before giving time to get

Re: https everywhere!

2015-11-24 Thread David Nadlinger via Digitalmars-d-announce
On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: I'm pleased to announce that Jan Knepper has gotten us some proper certificates now, and dlang.org and digitalmars.com are now fully https! There are a number of issues with how SSL is set up on the server, from

Re: https everywhere!

2015-11-24 Thread duff via Digitalmars-d-announce
On Tuesday, 24 November 2015 at 18:59:39 UTC, David Nadlinger wrote: On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: I'm pleased to announce that Jan Knepper has gotten us some proper certificates now, and dlang.org and digitalmars.com are now fully https! There are a

Re: https everywhere!

2015-11-24 Thread David Nadlinger via Digitalmars-d-announce
On Tuesday, 24 November 2015 at 19:13:22 UTC, duff wrote: You're part of the bikscheder team. What is this even supposed to mean? — David

Re: https everywhere!

2015-11-24 Thread Vladimir Panteleev via Digitalmars-d-announce
On Monday, 23 November 2015 at 21:18:58 UTC, Walter Bright wrote: On 11/23/2015 1:11 PM, Adam D. Ruppe wrote: On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: I'm pleased to announce that Jan Knepper has gotten us some proper certificates now, and dlang.org and digitalmars.com

Re: https everywhere!

2015-11-24 Thread Vladimir Panteleev via Digitalmars-d-announce
On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: I'm pleased to announce that Jan Knepper has gotten us some proper certificates now, and dlang.org and digitalmars.com are now fully https! Forcing HTTPS has broken: - The forum widget on the front page - This week's "This

Re: https everywhere!

2015-11-24 Thread Andrea Fontana via Digitalmars-d-announce
On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: I'm pleased to announce that Jan Knepper has gotten us some proper certificates now, and dlang.org and digitalmars.com are now fully https! Chrome warns me saying that dlang connectio is encrypted with obsolete cryptography

Re: https everywhere!

2015-11-23 Thread Adam D. Ruppe via Digitalmars-d-announce
On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: I'm pleased to announce that Jan Knepper has gotten us some proper certificates now, and dlang.org and digitalmars.com are now fully https! So it isn't actually https everywhere. On a https page, the browsers by

Re: https everywhere!

2015-11-23 Thread Walter Bright via Digitalmars-d-announce
On 11/23/2015 1:11 PM, Adam D. Ruppe wrote: On Monday, 23 November 2015 at 20:55:32 UTC, Walter Bright wrote: I'm pleased to announce that Jan Knepper has gotten us some proper certificates now, and dlang.org and digitalmars.com are now fully https! So it isn't actually https

Re: https everywhere!

2015-11-23 Thread cym13 via Digitalmars-d-announce
On Monday, 23 November 2015 at 21:18:58 UTC, Walter Bright wrote: The widgets don't, but the forums worked when I tried it. Firefox 42.0 here, neither the widgets nor the forums worked.

Re: https everywhere

2014-02-26 Thread Kagamin
On Friday, 21 February 2014 at 21:44:19 UTC, Dicebot wrote: Any certificate is tied to domain or masked domain. Covering both *.digitalmars.com and *.dlang.org with same certificate is impossible. Doesn't google use single certificate for all its domains (multiple masks)?

Re: https everywhere

2014-02-26 Thread Kagamin
On Friday, 21 February 2014 at 23:10:12 UTC, Jan Knepper wrote: Neither have I... I know there is www.cacert.org but as far as I know their certs are still not integrated in the browser SSL store. Last I checked cacert used their root key for automated signing, which is sort of scary, and

Re: https everywhere

2014-02-26 Thread Kagamin
On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it you'll get a dire warning from your browser. hyphenator is linked

Re: https everywhere

2014-02-25 Thread deadalnix
On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it you'll get a dire warning from your browser. Captcha in the forum to

Re: https everywhere

2014-02-22 Thread Dmitry Olshansky
22-Feb-2014 01:54, Nick Sabalausky пишет: On 2/21/2014 3:55 PM, deadalnix wrote: On Friday, 21 February 2014 at 20:35:12 UTC, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note

Re: https everywhere

2014-02-22 Thread Rikki Cattermole
On Saturday, 22 February 2014 at 06:59:00 UTC, Nick Sabalausky wrote: Perhaps so. Although FWIW, there's also a *lot* of average-joe users (I personally know far too many) who flat-out *refuse* to read any word that ever appears on their screen. These

Re: https everywhere

2014-02-22 Thread Walter Bright
On 2/22/2014 12:43 AM, Dmitry Olshansky wrote: This. And since the site isn't dynamic and doesn't transmit private data the advantage of self-signed cert is highly dubious ;) There isn't any private data on the site, it's just getting on the https everywhere bandwagon.

Re: https everywhere

2014-02-22 Thread Dmitry Olshansky
22-Feb-2014 13:12, Walter Bright пишет: On 2/22/2014 12:43 AM, Dmitry Olshansky wrote: This. And since the site isn't dynamic and doesn't transmit private data the advantage of self-signed cert is highly dubious ;) There isn't any private data on the site, it's just getting on the https

Re: https everywhere

2014-02-22 Thread Sönke Ludwig
Am 21.02.2014 21:34, schrieb Walter Bright: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it you'll get a dire warning from your browser. When the certificate discussion is settled, it

Re: https everywhere

2014-02-21 Thread Adam Wilson
On Fri, 21 Feb 2014 12:35:10 -0800, Dicebot pub...@dicebot.lv wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it

Re: https everywhere

2014-02-21 Thread Dicebot
On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it you'll get a dire warning from your browser. Why can't free startssl

Re: https everywhere

2014-02-21 Thread Adam Wilson
On Fri, 21 Feb 2014 12:42:10 -0800, Dicebot pub...@dicebot.lv wrote: On Friday, 21 February 2014 at 20:39:28 UTC, Adam Wilson wrote: It probably has to do with the fact that the NSA owns every Root Signing Key in the world. And how it is relevant? Not like we are speaking about security

Re: https everywhere

2014-02-21 Thread Dicebot
On Friday, 21 February 2014 at 20:40:24 UTC, Walter Bright wrote: Why can't free startssl certificate be used? I never heard of it. https://www.startssl.com/?app=1

Re: https everywhere

2014-02-21 Thread Dicebot
On Friday, 21 February 2014 at 20:39:28 UTC, Adam Wilson wrote: It probably has to do with the fact that the NSA owns every Root Signing Key in the world. And how it is relevant? Not like we are speaking about security here - nothing sensitive is transferred from dlang.org; using self-signed

Re: https everywhere

2014-02-21 Thread Walter Bright
On 2/21/2014 12:35 PM, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it you'll get a dire warning from

Re: https everywhere

2014-02-21 Thread Dmitry Olshansky
22-Feb-2014 00:34, Walter Bright пишет: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Good idea. Note that this is a self-signed certificate, and so when you first access it you'll get a dire warning from your browser. That gets horribly wrong. With this

Re: https everywhere

2014-02-21 Thread Adam Wilson
On Fri, 21 Feb 2014 12:40:29 -0800, Walter Bright newshou...@digitalmars.com wrote: On 2/21/2014 12:35 PM, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a

Re: https everywhere

2014-02-21 Thread w0rp
On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it you'll get a dire warning from your browser. Cool, that's always

Re: https everywhere

2014-02-21 Thread deadalnix
On Friday, 21 February 2014 at 20:35:12 UTC, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it you'll get

Re: https everywhere

2014-02-21 Thread Brad Anderson
On Friday, 21 February 2014 at 20:46:05 UTC, Adam Wilson wrote: On Fri, 21 Feb 2014 12:40:29 -0800, Walter Bright newshou...@digitalmars.com wrote: Why can't free startssl certificate be used? I never heard of it. I don't think they allow it for anything other than personal use though.

Re: https everywhere

2014-02-21 Thread Steven Schveighoffer
On Fri, 21 Feb 2014 15:55:02 -0500, deadalnix deadal...@gmail.com wrote: On Friday, 21 February 2014 at 20:35:12 UTC, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that

Re: https everywhere

2014-02-21 Thread Dicebot
On Friday, 21 February 2014 at 20:55:04 UTC, deadalnix wrote: On Friday, 21 February 2014 at 20:35:12 UTC, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a

Re: https everywhere

2014-02-21 Thread Walter Bright
On 2/21/2014 12:57 PM, Brad Anderson wrote: For $59.90 Walter could get a class 2 organization verification for Digital Mars and do code signing so we can get rid of that scary message when people run the installer. We use StartSSL for our code signing and website SSL and are happy with it.

Re: https everywhere

2014-02-21 Thread Brad Anderson
On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: On 2/21/2014 12:57 PM, Brad Anderson wrote: For $59.90 Walter could get a class 2 organization verification for Digital Mars and do code signing so we can get rid of that scary message when people run the installer. We use

Re: https everywhere

2014-02-21 Thread Brad Roberts
On 2/21/14, 12:34 PM, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it you'll get a dire warning from your browser. At this point I'm just repeating what others

Re: https everywhere

2014-02-21 Thread Dicebot
On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: Would that work for all the websites? I.e. digitalmars.com, dlang.org, etc., or would it be a separate charge for each? Any certificate is tied to domain or masked domain. Covering both *.digitalmars.com and *.dlang.org with

Re: https everywhere

2014-02-21 Thread Nick Sabalausky
On 2/21/2014 4:39 PM, Brad Anderson wrote: On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: Would that work for all the websites? I.e. digitalmars.com, dlang.org, etc., or would it be a separate charge for each? The one cost and you could cover everything. StartSSL is novel

Re: https everywhere

2014-02-21 Thread Nick Sabalausky
On 2/21/2014 3:57 PM, Brad Anderson wrote: For $59.90 Walter could get a class 2 organization verification for Digital Mars and do code signing so we can get rid of that scary message when people run the installer. We use StartSSL for our code signing and website SSL and are happy with it. I

Re: https everywhere

2014-02-21 Thread Nick Sabalausky
On 2/21/2014 3:55 PM, deadalnix wrote: On Friday, 21 February 2014 at 20:35:12 UTC, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and

Re: https everywhere

2014-02-21 Thread Brad Anderson
On Friday, 21 February 2014 at 21:50:21 UTC, Nick Sabalausky wrote: On 2/21/2014 3:57 PM, Brad Anderson wrote: For $59.90 Walter could get a class 2 organization verification for Digital Mars and do code signing so we can get rid of that scary message when people run the installer. We use

Re: https everywhere

2014-02-21 Thread Brad Anderson
On Friday, 21 February 2014 at 21:44:19 UTC, Dicebot wrote: On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: Would that work for all the websites? I.e. digitalmars.com, dlang.org, etc., or would it be a separate charge for each? Any certificate is tied to domain or masked

Re: https everywhere

2014-02-21 Thread Dicebot
On Friday, 21 February 2014 at 22:52:46 UTC, Brad Anderson wrote: On Friday, 21 February 2014 at 21:44:19 UTC, Dicebot wrote: On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: Would that work for all the websites? I.e. digitalmars.com, dlang.org, etc., or would it be a separate

Re: https everywhere

2014-02-21 Thread Jan Knepper
On 2/21/14, 3:43 PM, Adam Wilson wrote: On Fri, 21 Feb 2014 12:42:10 -0800, Dicebot pub...@dicebot.lv wrote: On Friday, 21 February 2014 at 20:39:28 UTC, Adam Wilson wrote: It probably has to do with the fact that the NSA owns every Root Signing Key in the world. And how it is relevant? Not

Re: https everywhere

2014-02-21 Thread Jan Knepper
On 2/21/14, 3:35 PM, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first access it you'll get a dire warning from your

Re: https everywhere

2014-02-21 Thread Jan Knepper
On 2/21/14, 3:55 PM, deadalnix wrote: On Friday, 21 February 2014 at 20:35:12 UTC, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and

Re: https everywhere

2014-02-21 Thread Brad Anderson
On Friday, 21 February 2014 at 22:59:39 UTC, Dicebot wrote: On Friday, 21 February 2014 at 22:52:46 UTC, Brad Anderson wrote: On Friday, 21 February 2014 at 21:44:19 UTC, Dicebot wrote: On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: Would that work for all the websites? I.e.

Re: https everywhere

2014-02-21 Thread Jan Knepper
On 2/21/14, 3:40 PM, Walter Bright wrote: On 2/21/2014 12:35 PM, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org Note that this is a self-signed certificate, and so when you first

Re: https everywhere

2014-02-21 Thread Dicebot
On Friday, 21 February 2014 at 23:12:32 UTC, Brad Anderson wrote: Walter's question is about whether the paid StartSSL verification I mentioned would let him cover all of those things for a single price (which it would). Not about whether a single certificate could be made to cover all of

Re: https everywhere

2014-02-21 Thread Ryan Chouinard
On Friday, 21 February 2014 at 23:10:12 UTC, Jan Knepper wrote: On 2/21/14, 3:40 PM, Walter Bright wrote: On 2/21/2014 12:35 PM, Dicebot wrote: On Friday, 21 February 2014 at 20:34:12 UTC, Walter Bright wrote: dlang.org and dconf.org now support https, https://dlang.org https://dconf.org

Re: https everywhere

2014-02-21 Thread Leandro Lucarella
Brad Anderson, el 21 de February a las 21:39 me escribiste: On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: On 2/21/2014 12:57 PM, Brad Anderson wrote: For $59.90 Walter could get a class 2 organization verification for Digital Mars and do code signing so we can get rid of

Re: https everywhere

2014-02-21 Thread Leandro Lucarella
Nick Sabalausky, el 21 de February a las 16:47 me escribiste: On 2/21/2014 4:39 PM, Brad Anderson wrote: On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: Would that work for all the websites? I.e. digitalmars.com, dlang.org, etc., or would it be a separate charge for each?

Re: https everywhere

2014-02-21 Thread Nick Sabalausky
On 2/22/2014 12:09 AM, Leandro Lucarella wrote: Nick Sabalausky, el 21 de February a las 16:47 me escribiste: On 2/21/2014 4:39 PM, Brad Anderson wrote: On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: Would that work for all the websites? I.e. digitalmars.com, dlang.org,

Re: https everywhere

2014-02-21 Thread Nick Sabalausky
On 2/22/2014 1:39 AM, Nick Sabalausky wrote: On 2/22/2014 12:09 AM, Leandro Lucarella wrote: Nick Sabalausky, el 21 de February a las 16:47 me escribiste: On 2/21/2014 4:39 PM, Brad Anderson wrote: On Friday, 21 February 2014 at 21:37:39 UTC, Walter Bright wrote: Would that work for all the

Re: https everywhere

2014-02-21 Thread Nick Sabalausky
On 2/21/2014 5:50 PM, Brad Anderson wrote: On Friday, 21 February 2014 at 21:50:21 UTC, Nick Sabalausky wrote: On 2/21/2014 3:57 PM, Brad Anderson wrote: For $59.90 Walter could get a class 2 organization verification for Digital Mars and do code signing so we can get rid of that scary