[Freedombox-discuss] Freedombox CA
Anders Jackson
anders.jackson at gmail.com
Thu Sep 12 19:02:51 UTC 2013
Den 12 sep 2013 15:53 skrev "Eugen Leitl" <eugen at leitl.org>:
>
> On Thu, Sep 12, 2013 at 03:22:25PM +0200, Anders Jackson wrote:
>
> > Isn't this just a new snake oil certificate? I would like a simple GUI
to
>
> You say that like it was a bad thing.
Depends, but yes mostly it is. Try to distribute it.
> > add CAcert.org certificates, or from any other CA.
>
> The CA model is dead. You might have missed the memo.
No, it isn't. It just smells like it when used badly.
> > Also generate certificate keys that can be imported to web browsers and
> > used to log in on your freedombox web interface. One for each user, and
> > easy to remove.
>
> You can import your own CA into the browser, which get
> rid of the warnings.
Yes, and?
> > I think there are work on using PGP keys useful in TLS (SSL), anyone
know
>
> SSL/TLS no longer inspire confidence. Messy implementations like
> OpenSSL even less.
Well, SSL has been dead for a long time and are still used. Don't use it!
TLS isn't a problem, unless you use early versions. Don't use those.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130912/443852d3/attachment-0001.html>
More information about the Freedombox-discuss
mailing list