Update Metalstorms X509 Certificate to metalstorm.net



Posts: 11   Visited by: 38 users
08.01.2011 - 13:29
corrupt
With a lowercase c
The switch to metalstorm.net has been some time ago now and the site's certificate is still issued for metalstorm.ee. I know not many people here seem to use https when browsing the site (which is bad) but at least a few of us do. And since a query for the Estonian tld will be translated to .net anyway, the certificate should be re-issued for .net. Also it's still issued by a self-signed Metalstorm CA. I know having your certs signed costs quite a bit of money but metalstorm has become fairly big and still everyone using TLS gets a browser warning everytime they visit the site. Maybe you can come up with that money to get a decent certificate.

Also, since we're on the topic here anyway, I'd love an option to have the site always use TLS when I'm logging in. I thought about how to enforce stuff like this and the only way I could come up with would be having a javascript function check the email address entered before performing the actual login and retrieve the TLS setting through AJAX. Maybe you guys have a better idea, but the feature would be nice.
----


Schwarzmetall!
Loading...
11.01.2011 - 10:39
corrupt
With a lowercase c
Am I seriously the only one interested in this?
----


Schwarzmetall!
Loading...
11.01.2011 - 12:43
Raiden
Down Under Staff
I think in this day and age people prefer convenience over security. Certificates cost in the $1000s don't they? I can't remember exactly.
----
"Scream for me Melbourne!!!!"
- Bruce Dickinson

"I don't see any god up here"
- Yuri Gagarin (while in orbit, 1961)
Loading...
11.01.2011 - 15:03
corrupt
With a lowercase c
Written by Raiden on 11.01.2011 at 12:43

I think in this day and age people prefer convenience over security. Certificates cost in the $1000s don't they? I can't remember exactly.

That depends. Thawte for instance will sing a two year certificate for ~300. But that's not the point. Having it signed is a optional request of mine. Fact is that the certificate presented by the webserver for metalstorm.net is not issued for that domain but for metalstorm.ee. Also 1024 bit RSA isn't considered secure by today's standard anymore but that's another matter.
This can easily be corrected by re-generating the certificate. X509 even provides and extension allowing the creation of one certificate valid for multiple domains. The TLS setting I ask for is in fact a means of convenience.
----


Schwarzmetall!
Loading...
11.01.2011 - 15:14
Raiden
Down Under Staff
Oh yes, I see that it doesn't expire for a little while yet at least.
----
"Scream for me Melbourne!!!!"
- Bruce Dickinson

"I don't see any god up here"
- Yuri Gagarin (while in orbit, 1961)
Loading...
11.01.2011 - 16:21
Ivor
Staff
If I get time, I might reissue the thing to cover .net as well. It will not be signed officially in the near future, though. Deal with it.

I.
----
No friends for playing games
No foes who scorn my name
Computerized machines of steel and rust
/---/
No friends in my house on Mars
No foes in my house on Mars
I was born in my house on Mars
I will die in my house on Mars
-- Ayreon - My House on Mars
Loading...
11.01.2011 - 19:55
Zombie
Thrash'tillDeath
I get that warning everytime i log onto www.hotmail.com so, when microsoft choose not to pay for a some certificate, i doubt that metalstorm would.. considering the very little revenue from ads.
----


None are more hopelessly enslaved than those who falsely believe they are free
Johann Wolfgang van Goethe 1749-1832
Loading...
11.01.2011 - 23:12
corrupt
With a lowercase c
Written by Zombie on 11.01.2011 at 19:55

I get that warning everytime i log onto www.hotmail.com so, when microsoft choose not to pay for a some certificate, i doubt that metalstorm would.. considering the very little revenue from ads.

All of Microsofts certificates are signed by VeriSign. And I can't reproduce what you're saying. When visiting hotmail.com, one is redirected to login.live.com which presents a correctly validatable certificate signed by VeriSign Inc.
----


Schwarzmetall!
Loading...
11.01.2011 - 23:23
Zombie
Thrash'tillDeath
I dont know man, maybe the didnt get certifictaes for the domain serving africa or the middle east (if such thing is possible) .. i'm no computer expert but that's what happens when i sign in everytime
----


None are more hopelessly enslaved than those who falsely believe they are free
Johann Wolfgang van Goethe 1749-1832
Loading...
03.02.2011 - 10:19
corrupt
With a lowercase c
Any news on this?
----


Schwarzmetall!
Loading...
03.02.2011 - 10:23
Ivor
Staff
Written by corrupt on 03.02.2011 at 10:19

Any news on this?

No, busy times.

I.
----
No friends for playing games
No foes who scorn my name
Computerized machines of steel and rust
/---/
No friends in my house on Mars
No foes in my house on Mars
I was born in my house on Mars
I will die in my house on Mars
-- Ayreon - My House on Mars
Loading...

Advertise on Metal Storm