FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 08-21-2012, 01:37 PM
Rainer Duffner
 
Default projects.centos.org - certificate has expired

Just FYI

I guess, you could also run your own CA and sign stuff yourself.
After all, your RPMs are also self-signed ;-)



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 08-21-2012, 02:39 PM
John Doe
 
Default projects.centos.org - certificate has expired

From: Rainer Duffner <rainer@ultra-secure.de>

>Just FYI
>I guess, you could also run your own CA and sign stuff yourself.
>After all, your RPMs are also self-signed ;-)


But that means the browsers will complain until each user permanently adds

this untrusted certificate manually... which might be no big deal if only a

few ttech savy people are using this sub-domain...

If CentOS is "rich", a wildcard certificate costs around $120/year,

maybe cheaper...

JD

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 08-21-2012, 02:47 PM
Greg Bailey
 
Default projects.centos.org - certificate has expired

On 8/21/2012 7:39 AM, John Doe wrote:
> From: Rainer Duffner <rainer@ultra-secure.de>
>
>> Just FYI
>> I guess, you could also run your own CA and sign stuff yourself.
>> After all, your RPMs are also self-signed ;-)
> But that means the browsers will complain until each user permanently adds
>
> this untrusted certificate manually... which might be no big deal if only a
>
> few ttech savy people are using this sub-domain...
>
> If CentOS is "rich", a wildcard certificate costs around $120/year,
>
> maybe cheaper...
>

Or $0/year at startssl.com...

-Greg

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 08-21-2012, 03:09 PM
Thomas Göttgens
 
Default projects.centos.org - certificate has expired

Startssl Wildcards require validation which is (i think) $59,90 per 2 years.
Now startssl simple certificates are $0, that's right :-)

Since i am StartCom-validated anyway i'd donate a 2-year SSL wildcard
certificate if the person in charge contacts me off-list. All i need i s a
CSR to submit and a valid email contact for the centos.org domain...

-----Ursprüngliche Nachricht-----
Von: centos-bounces@centos.org [mailto:centos-bounces@centos.org] Im Auftrag
von Greg Bailey
Gesendet: Dienstag, 21. August 2012 16:48
An: centos@centos.org
Betreff: Re: [CentOS] projects.centos.org - certificate has expired

On 8/21/2012 7:39 AM, John Doe wrote:
> From: Rainer Duffner <rainer@ultra-secure.de>
>
>> Just FYI
>> I guess, you could also run your own CA and sign stuff yourself.
>> After all, your RPMs are also self-signed ;-)
> But that means the browsers will complain until each user permanently adds
>
> this untrusted certificate manually... which might be no big deal if only
a
>
> few ttech savy people are using this sub-domain...
>
> If CentOS is "rich", a wildcard certificate costs around $120/year,
>
> maybe cheaper...
>

Or $0/year at startssl.com...

-Greg

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 08-21-2012, 03:12 PM
Giles Coochey
 
Default projects.centos.org - certificate has expired

On 21/08/2012 15:47, Greg Bailey wrote:

On 8/21/2012 7:39 AM, John Doe wrote:

From: Rainer Duffner <rainer@ultra-secure.de>


Just FYI
I guess, you could also run your own CA and sign stuff yourself.
After all, your RPMs are also self-signed ;-)

But that means the browsers will complain until each user permanently adds

this untrusted certificate manually... which might be no big deal if only a

few ttech savy people are using this sub-domain...

If CentOS is "rich", a wildcard certificate costs around $120/year,

maybe cheaper...


Or $0/year at startssl.com...

-Greg


I use startssl.com - and generally it is fine... I have however had a
problem.
Someone recently sent an email in my name (but not from my email
address) asking for my certificate to be revoked to the startssl
certmaster. The startssl certmaster went ahead and revoked my
certificate, this caused me a fair amount of pain, and obviously there
is little cross-verification done against this type of
social-engineering attack.
I have been told that it is unlikely to happen again (because my account
now has red flags all over it), but if you use certificates for anything
serious you might want to use an organisation that has enough funding to
perform some cross-verification against such attacks..


--
Regards,

Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
giles@coochey.net


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 08-21-2012, 03:13 PM
John Doe
 
Default projects.centos.org - certificate has expired

From: Greg Bailey <gbailey@lxpro.com>

> On 8/21/2012 7:39 AM, John Doe wrote:
>> From: Rainer Duffner <rainer@ultra-secure.de>
>>> Just FYI
>>> I guess, you could also run your own CA and sign stuff yourself.
>>> After all, your RPMs are also self-signed ;-)
>> But that means the browsers will complain until each user permanently adds
>> this untrusted certificate manually... which might be no big deal if only a
>> few ttech savy people are using this sub-domain...
>> If CentOS is "rich", a wildcard certificate costs around
> $120/year, maybe cheaper...
>
> Or $0/year at startssl.com...

"In the Class 1 settings (free), the only possible relationship between StartCom and the subscriber is with individuals"
Now, is CentOS more of an individual than a company...?

JD
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 08-21-2012, 03:22 PM
 
Default projects.centos.org - certificate has expired

John Doe wrote:
> From: Greg Bailey <gbailey@lxpro.com>
>
>> On 8/21/2012 7:39 AM, John Doe wrote:
>>> From: Rainer Duffner <rainer@ultra-secure.de>
>>>> Just FYI
>>>> I guess, you could also run your own CA and sign stuff yourself.
>>>> After all, your RPMs are also self-signed ;-)
>>> But that means the browsers will complain until each user permanently
>>> adds this untrusted certificate manually... which might be no big deal if
>>> only a few ttech savy people are using this sub-domain...
>>> If CentOS is "rich", a wildcard certificate costs around
>> $120/year, maybe cheaper...
>>
>> Or $0/year at startssl.com...
>
> "In the Class 1 settings (free), the only possible relationship between
> StartCom and the subscriber is with individuals"
> Now, is CentOS more of an individual than a company...?

Silly question: would they *donate* one? Or check out root CA's that use
CentOS, and ask? (Sorry, I can't remember whether Trustwave, who I did a
short-term contract for in '09, used RHEL or CentOS).

mark

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 08-21-2012, 03:27 PM
Karanbir Singh
 
Default projects.centos.org - certificate has expired

On 08/21/2012 02:37 PM, Rainer Duffner wrote:
> Just FYI
>
> I guess, you could also run your own CA and sign stuff yourself.
> After all, your RPMs are also self-signed ;-)
>
I'll get this fixed shortly.



--
Karanbir Singh
+44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
ICQ: 2522219 | Yahoo IM: z00dax | Gtalk: z00dax
GnuPG Key : http://www.karan.org/publickey.asc
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 01:19 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org