[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-help-public] missing SSL cert from savannah site
|
From: |
Matt Lee |
|
Subject: |
Re: [Savannah-help-public] missing SSL cert from savannah site |
|
Date: |
Fri, 16 Oct 2009 14:11:24 -0400 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.1.4pre) Gecko/20090915 Thunderbird/3.0b4 |
On 10/16/09 13:05, Yavor Doganov wrote:
> More importantly, I fail to see what the problem is, really. If the
> user is clueless enough and doesn't understand how to validate a
> certificate, what good it does if we choose a certificate that is
> included in a (popular) particular program?
I don't think this is about clueless users, and I find it pretty sad
that we're talking about people like that. Free software is for
everyone, and used by people who may seem clueless about this problem,
but it's because they've never had to deal with it before!
For me, this is about trust, plain and simple.
If users are doing things in a secure manner on the web, it should be
done over HTTPS, and that means paying the certificate folks for a real
certificate that is included in all the browsers people use.
I've had computer science professors not know what to do about the
Savannah error message and had to email my entire project and tell them
to manually add it.
<http://lists.gnu.org/archive/html/myexperiment-discuss/2007-03/msg00001.html>
It's acceptable for an internal demo, but totally unacceptable for a
public website with any significant project or number of users behind it
to do this.
We want people to trust the GNU project and the FSF. Broken SSL
certificates like this one, are just that -- breaking the trust
relationship between us and the general public.
signature.asc
Description: OpenPGP digital signature
- Re: [Savannah-help-public] missing SSL cert from savannah site, Jon, 2009/10/12
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/13
- Re: [Savannah-help-public] missing SSL cert from savannah site, Sylvain Beucler, 2009/10/15
- Re: [Savannah-help-public] missing SSL cert from savannah site, Jon, 2009/10/15
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Sylvain Beucler, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Matt Lee, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Sylvain Beucler, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Yavor Doganov, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site,
Matt Lee <=
- Re: [Savannah-help-public] missing SSL cert from savannah site, Yavor Doganov, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Matt Lee, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Yavor Doganov, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/17
- Re: [Savannah-help-public] missing SSL cert from savannah site, Jonathan Gonzalez V., 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/17
- Re: [Savannah-help-public] missing SSL cert from savannah site, Yavor Doganov, 2009/10/17
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/18
- Re: [Savannah-help-public] missing SSL cert from savannah site, Sylvain Beucler, 2009/10/19
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/21