‹‹ Back to the General website discussion
Posts: 11  
Users visited: 38  
Search this topic:  


corrupt
With a lowercase c

Posts: 1543
From: Germany

  08.01.2011 at 13:29
The switch to metalstorm.net has been some time ago now and the site's certificate is still issued for metalstorm.ee. I know not many people here seem to use https when browsing the site (which is bad) but at least a few of us do. And since a query for the Estonian tld will be translated to .net anyway, the certificate should be re-issued for .net. Also it's still issued by a self-signed Metalstorm CA. I know having your certs signed costs quite a bit of money but metalstorm has become fairly big and still everyone using TLS gets a browser warning everytime they visit the site. Maybe you can come up with that money to get a decent certificate.

Also, since we're on the topic here anyway, I'd love an option to have the site always use TLS when I'm logging in. I thought about how to enforce stuff like this and the only way I could come up with would be having a javascript function check the email address entered before performing the actual login and retrieve the TLS setting through AJAX. Maybe you guys have a better idea, but the feature would be nice.
----


Schwarzmetall!
corrupt
With a lowercase c

Posts: 1543
From: Germany

  11.01.2011 at 10:39
Am I seriously the only one interested in this?
----


Schwarzmetall!
Raiden
Down Under Staff

Posts: 8292

Age: 26
From: Australia

  11.01.2011 at 12:43
I think in this day and age people prefer convenience over security. Certificates cost in the $1000s don't they? I can't remember exactly.
----
"Scream for me Melbourne!!!!"
- Bruce Dickinson

"I don't see any god up here"
- Yuri Gagarin (while in orbit, 1961)
corrupt
With a lowercase c

Posts: 1543
From: Germany

  11.01.2011 at 15:03
Written by Raiden on 11.01.2011 at 12:43

I think in this day and age people prefer convenience over security. Certificates cost in the $1000s don't they? I can't remember exactly.

That depends. Thawte for instance will sing a two year certificate for ~300. But that's not the point. Having it signed is a optional request of mine. Fact is that the certificate presented by the webserver for metalstorm.net is not issued for that domain but for metalstorm.ee. Also 1024 bit RSA isn't considered secure by today's standard anymore but that's another matter.
This can easily be corrected by re-generating the certificate. X509 even provides and extension allowing the creation of one certificate valid for multiple domains. The TLS setting I ask for is in fact a means of convenience.
----


Schwarzmetall!
Raiden
Down Under Staff

Posts: 8292

Age: 26
From: Australia

  11.01.2011 at 15:14
Oh yes, I see that it doesn't expire for a little while yet at least.
----
"Scream for me Melbourne!!!!"
- Bruce Dickinson

"I don't see any god up here"
- Yuri Gagarin (while in orbit, 1961)
Ivor
Staff

Posts: 4277

Age: 31
From: Estonia

  11.01.2011 at 16:21
If I get time, I might reissue the thing to cover .net as well. It will not be signed officially in the near future, though. Deal with it.

I.
----
No friends for playing games
No foes who scorn my name
Computerized machines of steel and rust
/---/
No friends in my house on Mars
No foes in my house on Mars
I was born in my house on Mars
I will die in my house on Mars
-- Ayreon - My House on Mars
Zombie
Thrash'tillDeath

Posts: 1627

Age: 28
From: Egypt

  11.01.2011 at 19:55
I get that warning everytime i log onto www.hotmail.com so, when microsoft choose not to pay for a some certificate, i doubt that metalstorm would.. considering the very little revenue from ads.
----


None are more hopelessly enslaved than those who falsely believe they are free
Johann Wolfgang van Goethe 1749-1832
corrupt
With a lowercase c

Posts: 1543
From: Germany

  11.01.2011 at 23:12
Written by Zombie on 11.01.2011 at 19:55

I get that warning everytime i log onto www.hotmail.com so, when microsoft choose not to pay for a some certificate, i doubt that metalstorm would.. considering the very little revenue from ads.

All of Microsofts certificates are signed by VeriSign. And I can't reproduce what you're saying. When visiting hotmail.com, one is redirected to login.live.com which presents a correctly validatable certificate signed by VeriSign Inc.
----


Schwarzmetall!
Zombie
Thrash'tillDeath

Posts: 1627

Age: 28
From: Egypt

  11.01.2011 at 23:23
I dont know man, maybe the didnt get certifictaes for the domain serving africa or the middle east (if such thing is possible) .. i'm no computer expert but that's what happens when i sign in everytime
----


None are more hopelessly enslaved than those who falsely believe they are free
Johann Wolfgang van Goethe 1749-1832
corrupt
With a lowercase c

Posts: 1543
From: Germany

  03.02.2011 at 10:19
Any news on this?
----


Schwarzmetall!
Ivor
Staff

Posts: 4277

Age: 31
From: Estonia

  03.02.2011 at 10:23
Written by corrupt on 03.02.2011 at 10:19

Any news on this?

No, busy times.

I.
----
No friends for playing games
No foes who scorn my name
Computerized machines of steel and rust
/---/
No friends in my house on Mars
No foes in my house on Mars
I was born in my house on Mars
I will die in my house on Mars
-- Ayreon - My House on Mars

Advertise on Metal Storm


Login or register to post here.



Similar topics

Forum Topic Similarity Started
News Melechesh - Update On New Album 1.5 19.08.2014 by Gothmog_Motsham
News Stormlord - Studio Update 1.5 14.02.2008 by -DC-002-
News The Rotted - New Album Update 1.5 16.05.2008 by Baz Anderson
News Abigor - Update From The Band 1.5 13.08.2008 by Ilham
News Blut Aus Nord - Studio Update 1.5 10.11.2007 by