Bitcoin Forum>Bitcoin>Development & Technical Discussion
Author

Topic: SSL again (Read 1246 times)

JollyGreen
newbie
Activity: 42
Merit: 0
SSL again
March 14, 2011, 04:19:44 AM
#6
Quote from: caveden on March 14, 2011, 03:44:24 AM
HTTPS is not default here. To have it, you need to explicit ask for it. People who don't even know what a certificate is would just remain in HTTP.

Ha, ok, I just realized that, so what are the advantages to SSL for this site?  I don't login to access secure info, so I'm not that worried, what are others concerns?
caveden
legendary
Activity: 1106
Merit: 1004
Re: SSL again
March 14, 2011, 03:44:24 AM
#5
HTTPS is not default here. To have it, you need to explicit ask for it. People who don't even know what a certificate is would just remain in HTTP.
JollyGreen
newbie
Activity: 42
Merit: 0
Re: SSL again
March 14, 2011, 01:42:09 AM
#4
Quote from: grondilu on March 14, 2011, 01:16:17 AM

To me that sounds pretty much as good as relying on a third party "certificate authority".


I agree it is basically the same, but the later doesn't scare people with a warning.  I think enough people would pitch in for the SSL cost to make the issue go away, if money is the only problem.  I'm not aware of the past history of this request though.
kseistrup
hero member
Activity: 566
Merit: 500
Unselfish actions pay back better
Re: SSL again
March 14, 2011, 01:35:44 AM
#3
Quote from: grondilu on March 14, 2011, 01:16:17 AM
Basically with a self-signed certificate you just have to accept it the first time you connect to the website, and then, if later I'm being warned that the certificate is not the same anymore, then I can suspect there has been something smelly, and ask around about it.

In Chrome on Linux you have to accept it the first time, and Chrome will remember it until you shut down the browser.  Next time you open the browser you'll have to accept it again.

I think going for a CAcert or a StartSSL certificate is a good idea.

Cheers,
grondilu
legendary
Activity: 1288
Merit: 1080
Re: SSL again
March 14, 2011, 01:16:17 AM
#2
I don't know much about certificates, so correct me if I'm wrong, but:

Basically with a self-signed certificate you just have to accept it the first time you connect to the website, and then, if later I'm being warned that the certificate is not the same anymore, then I can suspect there has been something smelly, and ask around about it.

To me that sounds pretty much as good as relying on a third party "certificate authority".
casascius
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
Re: SSL again
March 14, 2011, 12:46:29 AM
#1
SSL is still self-signed

This is a public credibility problem

I'm not looking to hear again that self signed certificates are better, more secure, or any conspiracy theories from CA's, or that the public should configure their browsers to trust them.  I'm looking to repeat a reminder that having user's browsers display security warnings is a way of fostering mistrust and is a pretty ironic observation for a project that asks people to trust their money to cryptography.

How many months in a row must this issue be brought up before something can be done about it?
Bitcoin Forum>Bitcoin>Development & Technical Discussion
Jump to: