[Noisebridge-discuss] noisebridge.net SSL cert
davidfine
d at vidfine.com
Wed Feb 3 23:35:53 UTC 2010
A wildcard cert would allow us to do sub-domains so it would work with
www or without. Let's just buy the cheapest accepted-by-default cert. I
can't think of a way a non-profit like us would benefit from more
expensive services.
--D
On 2/3/10 1:30 PM, Brian Ferrell wrote:
> On Wed, Feb 3, 2010 at 12:23, Jacob Appelbaum<jacob at appelbaum.net> wrote:
>
>> https://noisebridge.net/wiki/Noisebridge cannot and should not redirect.
>>
>> You can not (that I know of) cause a redirect in the SSL/TLS handshake.
>>
> Ah, thanks for that. Makes sense when you think about it...
>
> So to fix the problem* of visitors seeing the "omg this certificate is
> invalid" warning it seems there are two options:
>
> 1. Drop support for https://noisebridge.net altogether (forcing people
> to remember to type www and throwing a 404 otherwise)
> 2. Wait for the cert to expire and drop support for
> https://www.noisebridge.net (and renew the cert for
> https://noisebridge.net)
>
> or, in less words:
>
> 1. Use www
> 2. Use no-www
>
> Unfortunately, as long as we're using https, we can't easily redirect
> a user from one to the other so typing the wrong thing will result in
> a 404.
>
> Is it better to show the user an invalid cert warning or a 404?
>
> * = of course the 3rd option could be "this isn't a problem" but
> Someone Who Knows More About Security is probably better suited to
> make this claim.
>
> -Brian
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
>
>
More information about the Noisebridge-discuss
mailing list