Untrusted certificate for https://wiki.gnupg.org/

Bernhard Reiter bernhard at intevation.de
Wed Jan 7 09:24:34 CET 2015


On Tuesday 06 January 2015 at 14:45:49, Werner Koch wrote:
> > Btw: Also the TLS configuration of wiki.gnupg.org is not as good as the
> > one for gnupg.org (e.g. support for TLS 1.2), see
> > https://www.ssllabs.com/ssltest/analyze.html?d=wiki.gnupg.org
>
> Well, maybe they can give some insights.

We will look into this.
Probably elder settings for a low security side.

(Thanks for the direct copy, as I am reading this list occasionally 
and sometimes miss emails.)

On Wednesday 07 January 2015 at 03:25:28, MFPA wrote:
> I don't see what they gained by signing the cert with
> that CA rather than leaving it as self-signed.

You can get our root cert from 
  https://ssl.intevation.de/
Traditionally we run our own little CA. It serves testing purposes
and it allows us production use for lower security levels for less costs.
(So we do not feed the CA business as much. A business that Werner for the 
most part considers heavily broken.)

Best,
Bernhard


-- 
www.intevation.de/~bernhard (CEO)    www.fsfe.org (Founding GA Member)
Intevation GmbH, Osnabrück, Germany; Amtsgericht Osnabrück, HRB 18998
Owned and run by Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20150107/68c72420/attachment.sig>


More information about the Gnupg-users mailing list