You are not logged in.

#76 2010-07-18 23:14:57

litemotiv
Forum Fellow
Registered: 2008-08-01
Posts: 5,026

Re: This bbs now uses https exclusively

skottish wrote:

It was on 5 with 7 being the highest. Unfortunately, with Microsoft Stove 2010 it's very difficult to know the difference between stupidity and brilliance.

You can try disabling Spatty, the stove assistant, it is known to cause erratic behavior on Stove 2010. Did you check your fireblanket?

smoimage.jpg


ᶘ ᵒᴥᵒᶅ

Offline

#77 2010-07-18 23:58:37

mrunion
Member
From: Jonesborough, TN
Registered: 2007-01-26
Posts: 1,938
Website

Re: This bbs now uses https exclusively

OK, just chiming in about the https thing:

1) Do whatever, it doesn't matter to me
2) I don't get it, though. Seems like overkill to me. Bu it doesn't bother me.


Matt

"It is very difficult to educate the educated."

Offline

#78 2010-07-19 01:23:46

Xyne
Administrator/PM
Registered: 2008-08-03
Posts: 6,963
Website

Re: This bbs now uses https exclusively

brain0 wrote:

I just switched bbs.archlinux.org to use only https.

Thanks! big_smile


Pierre wrote:

Yes, I am serious. Everything should be encrypted. The internet is simply not a trusted network.

I feel the same. Even if you think no one is interested in your data, there is still no reason to leave it in the open and it's better to roll out encryption now then wait for a pressing reason to do so. ISPs are growing bolder in exploring new ways to exploit your data for profit* and I'm sure there are other groups who are interested in monitoring traffic in detail. Encryption isn't just for whistle-blowers and dissidents in autocratic regimes.

Even if you are not concerned about privacy, there is still no reason to be against it.

* concrete example and a potential taste of things to come: direct insertion of data into your data stream for marketing purposes

Last edited by Xyne (2010-07-19 01:38:55)


My Arch Linux StuffForum EtiquetteCommunity Ethos - Arch is not for everyone

Offline

#79 2010-07-19 01:36:51

iphitus
Forum Fellow
From: Melbourne, Australia
Registered: 2004-10-09
Posts: 4,927

Re: This bbs now uses https exclusively

Any chance we can get a cert with wider acceptance? So far nothing other than Arch Linux browser have accepted the CACert.

Offline

#80 2010-07-19 03:10:41

Anikom15
Banned
From: United States
Registered: 2009-04-30
Posts: 836
Website

Re: This bbs now uses https exclusively

Firefox on Windows doesn't like the cert.


Personally, I'd rather be back in Hobbiton.

Offline

#81 2010-07-19 03:16:58

Allan
Pacman
From: Brisbane, AU
Registered: 2007-06-09
Posts: 11,357
Website

Re: This bbs now uses https exclusively

Anikom15 wrote:

Firefox on Windows doesn't like the cert.

Great to see you read the first post...

Online

#82 2010-07-19 06:50:43

fukawi2
Ex-Administratorino
From: .vic.au
Registered: 2007-09-28
Posts: 6,217
Website

Re: This bbs now uses https exclusively

iphitus wrote:

Any chance we can get a cert with wider acceptance? So far nothing other than Arch Linux browser have accepted the CACert.

Firefox on Fedora accepts it too.

Offline

#83 2010-07-19 17:31:00

Anikom15
Banned
From: United States
Registered: 2009-04-30
Posts: 836
Website

Re: This bbs now uses https exclusively

Allan wrote:
Anikom15 wrote:

Firefox on Windows doesn't like the cert.

Great to see you read the first post...

It never explicitly said it.

Now if was in a later post.


Personally, I'd rather be back in Hobbiton.

Offline

#84 2010-07-19 17:35:28

Allan
Pacman
From: Brisbane, AU
Registered: 2007-06-09
Posts: 11,357
Website

Re: This bbs now uses https exclusively

Anikom15 wrote:
Allan wrote:
Anikom15 wrote:

Firefox on Windows doesn't like the cert.

Great to see you read the first post...

It never explicitly said it.

Now if was in a later post.

brain0 wrote:

3) Our certificate is from CACert. AFAIK, this is not included in many browsers by default. If you use Arch Linux, at least everything that uses the OpenSSL certificate store and all Mozilla browsers are CACert-enabled - on other operating systems, our certificate might show up as untrusted.

Not sure how much more explicit it could be...   I suppose he could of said "on other operating systems such as Windows"...

Online

#85 2010-07-19 17:47:54

moljac024
Member
From: Serbia
Registered: 2008-01-29
Posts: 2,676

Re: This bbs now uses https exclusively

fukawi2 wrote:
iphitus wrote:

Any chance we can get a cert with wider acceptance? So far nothing other than Arch Linux browser have accepted the CACert.

Firefox on Fedora accepts it too.

No, it doesn't.


The day Microsoft makes a product that doesn't suck, is the day they make a vacuum cleaner.
--------------------------------------------------------------------------------------------------------------
But if they tell you that I've lost my mind, maybe it's not gone just a little hard to find...

Offline

#86 2010-07-19 17:50:27

Acecero
Member
Registered: 2008-06-21
Posts: 1,373

Re: This bbs now uses https exclusively

Anikom15 wrote:

It never explicitly said it.

Now if was in a later post.

Allan wrote:

Not sure how much more explicit it could be...   I suppose he could of said "on other operating systems such as Windows"...

I think it was clear enough that it meant on other operating systems besides Arch Linux, if you read what I bold here.

brain0 wrote:

3) Our certificate is from CACert. AFAIK, this is not included in many browsers by default. If you use Arch Linux, at least everything that uses the OpenSSL certificate store and all Mozilla browsers are CACert-enabled - on other operating systems, our certificate might show up as untrusted.

Last edited by Acecero (2010-07-19 17:57:17)

Offline

#87 2010-07-19 19:44:32

fsckd
Forum Fellow
Registered: 2009-06-15
Posts: 4,173

Re: This bbs now uses https exclusively


aur S & M :: forum rules :: Community Ethos
Resources for Women, POC, LGBT*, and allies

Offline

#88 2010-07-19 22:37:53

fukawi2
Ex-Administratorino
From: .vic.au
Registered: 2007-09-28
Posts: 6,217
Website

Re: This bbs now uses https exclusively

moljac024 wrote:
fukawi2 wrote:
iphitus wrote:

Any chance we can get a cert with wider acceptance? So far nothing other than Arch Linux browser have accepted the CACert.

Firefox on Fedora accepts it too.

No, it doesn't.

Hmm, maybe I've imported the root cert previously because I use CAcert for other things... I certainly don't get any warnings or errors on F12 smile

Offline

#89 2010-07-20 02:35:30

stryder
Member
Registered: 2009-02-28
Posts: 500

Re: This bbs now uses https exclusively

I got warned while checking the forum using firefox from my ibook. The warning from firefox is pretty severe and continues even when you are determined to carry on and make an exception. Safari is less intimidating. It is no problem for me as I already know and understand what was going on but for someone who found arch googling for some answers it would take a brave and determined or at least knowledgeable person to click through all the warnings. So too those who are checking out arch as a possible distro that they might like. We commonly check out the community first. These are people who don't use arch and so the warning will most certainly be triggered. At the very least some explanation should be on the home page. That was where I went when it was first triggered. Perhaps there is some way to redirect to an explanation page and subsequent visits can be passed through via cookie. Better still if we can use a cert that is mostly recognized and accepted. Or we implement security at the points where security is called for, like log in.

Offline

#90 2010-07-20 06:05:07

iphitus
Forum Fellow
From: Melbourne, Australia
Registered: 2004-10-09
Posts: 4,927

Re: This bbs now uses https exclusively

Sorry, to clarify before, it was Firefox, Opera, Chrome and IE on windows smile

Offline

#91 2010-07-20 07:05:26

moljac024
Member
From: Serbia
Registered: 2008-01-29
Posts: 2,676

Re: This bbs now uses https exclusively

fukawi2 wrote:
moljac024 wrote:
fukawi2 wrote:

Firefox on Fedora accepts it too.

No, it doesn't.

Hmm, maybe I've imported the root cert previously because I use CAcert for other things... I certainly don't get any warnings or errors on F12 smile

Yup, you have to manually import the root cert because Fedora doesn't provide it.


The day Microsoft makes a product that doesn't suck, is the day they make a vacuum cleaner.
--------------------------------------------------------------------------------------------------------------
But if they tell you that I've lost my mind, maybe it's not gone just a little hard to find...

Offline

#92 2010-07-20 09:50:05

yejun
Member
Registered: 2009-10-21
Posts: 66

Re: This bbs now uses https exclusively

Why not use startssl's certificate which is free and accepted by all linux, windows and mac except opera.

Offline

#93 2010-07-20 09:50:29

CyrIng
Member
From: France
Registered: 2010-07-17
Posts: 106
Website

Re: This bbs now uses https exclusively

Firefox [ Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 ] does not accept the forum's certificat.

Access is granted if an exception is stored.

Offline

#94 2010-07-20 10:00:43

Pierre
Developer
From: Bonn
Registered: 2004-07-05
Posts: 1,964
Website

Re: This bbs now uses https exclusively

yejun wrote:

Why not use startssl's certificate which is free and accepted by all linux, windows and mac except opera.

It's not free (also quite cheap). Only their cert for a single sub domain is free.

@CyrIng: Try reading this thread. Of course Microsoft does not include the cacert cert by default.

Offline

#95 2010-07-20 10:06:29

yejun
Member
Registered: 2009-10-21
Posts: 66

Re: This bbs now uses https exclusively

Pierre wrote:
yejun wrote:

Why not use startssl's certificate which is free and accepted by all linux, windows and mac except opera.

It's not free (also quite cheap). Only their cert for a single sub domain is free.

@CyrIng: Try reading this thread. Of course Microsoft does not include the cacert cert by default.

But since SNI client is requied in this case, they may as well use single certificate.

Offline

#96 2010-07-20 17:03:17

CyrIng
Member
From: France
Registered: 2010-07-17
Posts: 106
Website

Re: This bbs now uses https exclusively

@CyrIng: Try reading this thread. Of course Microsoft does not include the cacert cert by default.

Hi

This is what I'm looking for : in 6 steps .

http://wiki.cacert.org/BrowserClients

( whenever I need to secure I use stunnel http://www.stunnel.org )

Offline

#97 2010-07-21 17:38:35

ss2
Member
Registered: 2007-10-05
Posts: 83

Re: This bbs now uses https exclusively

Anikom15 wrote:

Hey guess what. Wikipedia doesn't have SSL so some 'third party' can know you put 'boobs' into the search box and use it on you to sell you stuff. Bullshit, no one cares.

no?

Since a couple of years I know that Wikipedia is addressable over a secure layer. But they don't advertise this fact. afaik. Out of one good reason:

SSL can create a massive overhead (Traffic and melting CPUs) once many connections need to be maintained simultaneously. And this seems to be one of the reasons why SSL does not get much attention.

I really appreciate it to read across this site over https now. smile


regards

Offline

#98 2010-07-21 18:04:34

toxygen
Member
Registered: 2008-08-22
Posts: 713

Re: This bbs now uses https exclusively

ss2 wrote:
Anikom15 wrote:

Hey guess what. Wikipedia doesn't have SSL so some 'third party' can know you put 'boobs' into the search box and use it on you to sell you stuff. Bullshit, no one cares.

no?

Since a couple of years I know that Wikipedia is addressable over a secure layer. But they don't advertise this fact. afaik. Out of one good reason:
I really appreciate it to read across this site over https now. smile

OT, and on a related note the firefox search engines for the search bar include wiki ssl search, google ssl search (and quite a few others) so it's not completely unheard of.


"I know what you're thinking, 'cause right now I'm thinking the same thing. Actually, I've been thinking it ever since I got here:
Why oh why didn't I take the BLUE pill?"

Offline

#99 2010-07-21 19:27:36

yejun
Member
Registered: 2009-10-21
Posts: 66

Re: This bbs now uses https exclusively

ss2 wrote:

SSL can create a massive overhead (Traffic and melting CPUs) once many connections need to be maintained simultaneously. And this seems to be one of the reasons why SSL does not get much attention.

All intel's new cpu of this year have hardware aes, so hardware problem should go away soon.

Last edited by yejun (2010-07-21 19:28:10)

Offline

#100 2010-07-21 22:59:25

fukawi2
Ex-Administratorino
From: .vic.au
Registered: 2007-09-28
Posts: 6,217
Website

Re: This bbs now uses https exclusively

yejun wrote:
ss2 wrote:

SSL can create a massive overhead (Traffic and melting CPUs) once many connections need to be maintained simultaneously. And this seems to be one of the reasons why SSL does not get much attention.

All intel's new cpu of this year have hardware aes, so hardware problem should go away soon.

That doesn't help the server... wink

Offline

Board footer

Powered by FluxBB