QELServ Forum

General Discussion => General Topics => Topic started by: kavvie on 2009-09-21 08:47 (Mon)



Title: About the bug tracker.
Post by: kavvie on 2009-09-21 08:47 (Mon)
Weird, but firefox nono like it :o
I added it to my exceptions, but yea weird overall :P
(http://i161.photobucket.com/albums/t223/bigkav/lolwtfconnection.jpg?t=1253486908)

http://support.mozilla.com/en-US/kb/This+connection+is+untrusted

That link explains why, so just more or less a notification :)
(Note: It used to do the same thing with Jabber "Invalid Certificate")

-kav


Title: Re: About the bug tracker.
Post by: krayon on 2009-09-21 09:54 (Mon)
Yeah this is because I don't agree with the certificate process where by you pay 7 gazzilion dollars to companies like Verisign that are NOT trustworthy to issue you a certificate.

I use CACert ( http://cacert.org/ ) (http://cacert.org/) to generate my certificates.  They are a free certificate authority.  The drawback is that cacert (at the moment) aren't included in most Operating Systems certificates so that warning occurs.

If you were to retrieve more details for the certificate, it SHOULD have only one issue with it, namely:
  "The certificate is not trusted because the issuer certificate is unknown."

Which, as it suggests, means that it doesn't trust CACert.

Regardless, there's no harm in adding the exception as this only adds it specifically for this site.  If you do NOT do this, and anyone performs a man-in-the-middle attack with the bugs.quadronyx.org site, you won't know because it'll just come up with a similar error.

SSL Certificates can be used for a number of things but mostly it's to ensure your connection with the server is clean and safe.  Unfortunately people also use them in order to prove they are the COMPANY they say they are etc which is why it's taken so seriously with all these warnings etc.  Apart from the secure connection, it's all a bunch of crap as far as I'm concerned :P


Title: Re: About the bug tracker.
Post by: kavvie on 2009-09-21 10:33 (Mon)
Thought so :P thanks for replying.