https://lists.gnupg.org X.509 certificate is expired
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri May 6 23:59:37 CEST 2011
When i point a web browser at https://lists.gnupg.org, i get a warning
that the server's X.509 certificate is expired (it has a CN of
trithemius.gnupg.org and several subjectAltNames, including
lists.gnupg.org).
I'm not a fan of the CA cartel, but it would be nice to have some
up-to-date way of verifying the server, especially for people already
well-connected in the web-of-trust.
If the administrator of the server would publish the host's key in an
OpenPGP certificate, and sign it, then we could verify it that way.
Here's a quick intro for how to do that:
http://www.debian-administration.org/article/660/Publishing_host_services_to_OpenPGP_with_Monkeysphere
If this isn't acceptable for some reason, could you at least update the
certificate to one with a reasonable expiration date?
Thanks,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110506/5da89f9a/attachment.pgp>
More information about the Gnupg-users
mailing list