[Noisebridge-discuss] noisebridge.net SSL cert
Ryan Castellucci
ryan.castellucci at gmail.com
Tue Feb 2 21:56:24 UTC 2010
On Tue, Feb 2, 2010 at 1:40 PM, Sai Emrys <noisebridge at saizai.com> wrote:
> Hm... strange. When I tried it yesterday, it was signed by www.[some
> random string of letters].com for www.[some other random string of
> letters].com. Very blinding-obviously bogus.
>
> I just tried it again, and the SSL cert now appears to be legit from Equifax.
>
> It's possible that this was a MITM, but that seems a priori unlikely.
>
> Anyway, it's working now...
>
> - Sai
>
> PS why not have it be for noisebridge.net? http://no-www.org/ etc.
You generally have to pick one or else pay out the nose for a cert
with Subject Alternative Names.
Interestingly, I've found that some certs now get issued with the
plain domain, and www. if you ask for just the plain domain. I know
that comodo does this for High Assurance certs.
--
Ryan Castellucci http://ryanc.org/
More information about the Noisebridge-discuss
mailing list