[SAC] SSL Certificate Followup
Sandro Santilli
strk at keybit.net
Mon May 2 08:16:20 PDT 2016
On Mon, May 02, 2016 at 09:57:48AM -0400, Alex M wrote:
> On 05/02/2016 09:51 AM, Sandro Santilli wrote:
> > On Mon, May 02, 2016 at 09:33:34AM -0400, Alex M wrote:
> >
> >> Note to those suggesting
> >> letsencrypt, that too would only be a DV cert.
> >
> > Am I reading it correctly that https://wikipedia.org
> > and https://fsf.org are also using a DV cert ?
> >
> > My browser reports (upon asking for more information):
> >
> > "This website does not supply ownership information."
> It's not the Ownership info, it's the Organization (O) line, right after
> the common name. That's the only difference I've found.
My current browser (Iceweasel 38.7.0) doesn't show an Organization
line for the SSL certificate. The only difference I see between
the (say) paypal or wikipedia account is the "ownership information".
> I'll also note, it's harder to hijack the account, since even when
> logging in you basically can't do anything on Comodo (our old cert) and
> I've been going back and forth with them about updating the contact
> email address, which requires emailing from the current account to a
> specific address on their side requesting the change.
>
> Since we don't do an $ transactions, I can't really say if it's worth it
> or not.
I guess it depends on priorities and funds availability.
I'd like to see the disk space fixed, for example, and newer
machines to host newer services.
--strk;
More information about the Sac
mailing list