[u-u] Expired SSL certificate

Giles Orr gilesorr at gmail.com
Wed Dec 30 17:48:52 EST 2015


On 30 December 2015 at 17:20, D'Arcy J.M. Cain <darcy at druid.net> wrote:
> On Wed, 30 Dec 2015 16:58:47 -0500 (EST)
> Unix Unanimous Webmaster <www-uu at unixunanimous.org> wrote:
>> On Mon, 28 Dec 2015, arocker at Vex.Net wrote:
>> |
>> |Firefox won't let me near the site. (See "Subject:")
>>
>>       use http://unixunanimous.org for now
>
> Why not forever?  What's so critical that it needs to be protected by a
> certificate?
>
>>       the cert can be updates in one of 2 ways -
>>
>>       1. self-signed, which f/f etc will accept if one
>>          jumps thru a few hoops to coax it to do ao
>
> Unless users are sending private information back in a form why bother
> at all?
>
>
>>       2. cert can be bought for approx $7/year -
>>          not sure how u-u might finance that
>
> You get a benefactor to pay for it in return for mentioning it once a
> year like the domain name registration.  Speaking of which;
>
> Domain registration paid for this year by Vybe Networks Inc.
> (http://www.VybeNetworks.com/) which now owns and operates Vex.Net.
>
> Getting the cheapest possible cert is not much better than self signing.
>
> By the way, JavaScript just to make something blink?  Really?  Also,
> can we run the HTML through a validator?
>
> Cheers.

Free auto-generated certificates valid for 90 days (meant to be
auto-renewed on a cron job):

https://letsencrypt.org/

Technically rather hairy if you don't want their script to have root
access to your machine, but it's a great idea.  Just starting public
beta, which explains the bumpy ride.

Ah, Matti Anja beat me to it.  :-)

-- 
Giles
http://www.gilesorr.com/
gilesorr at gmail.com


More information about the u-u mailing list