This forum is in permanent archive mode. Our new active community can be found here.

GeekNights 090727 - SSL Certificates

edited July 2009 in GeekNights
Tonight on GeekNights we talk about the SSL Certificate racket. In the news, AT&T blocks 4chan and they ironically erased 1984 from everyone's Kindles.

Comments

  • edited July 2009
    Rym's Thing - Emergency Brick
    Scott's Thing - Secrets of Communist Computing

    It's nice to hear from you guys again.
    Post edited by Omnutia on
  • The problem with SSL is the same problem with all computing, the vast majority of people don't know how it works and don't care to know.
  • edited July 2009
    Loving the discussion on the SSL discussion.

    In regards to the DDOS discussion, Scott, Why do you play stupid for the sake of discussion?
    Post edited by Victor Frost on
  • Did Rym recently re-watch "How Hermes Requsitioned his Groove Back"? That's the second time recently that he's said someone was "Technically correct. The best kind of correct".
  • Did Rym recently re-watch "How Hermes Requsitioned his Groove Back"? That's the second time recently that he's said someone was "Technically correct. The best kind of correct".
    I know that Adam and I say that all the time and we haven't seen that episode in ages.
  • So next year, Mozilla, EFF, and others are teaming up to make deploying security certificates free and mad easy. Like
    $ sudo apt-get install lets-encrypt
    $ lets-encrypt frontrowcrew.com
    easy.

    If it really is that easy, this would be bonkers. I trust Mozilla and EFF to get it right.
  • arrarr
    edited November 2014
    Running into this post was some good timing. I just had to set up security for my site last week, and I learned a bunch of companies teamed up to make the fancy new expensive certificates because the old ones aren't making them enough money because encryption is better when you can see the company name for some reason.

    image

    Apparently in order to get a fancy green bar like this (picture at bottom) you have to pay a couple hundred dollars extra. Convenient.

    I was wondering if they make customers trust you more, so I did some Googling and collected the results. Answer (spoilers): no
    Post edited by arr on
  • I think the idea is that they have some humans do actual checking that you are who you say you are and you own the website you say you own, instead of just confirming an email or whatever. And those humans like getting paid.

    But it's no more cryptographically secure than a plain old cert (I think, I'm not the cert czar).
  • http://www.cathodecorner.com/nixiewatch/

    Asthetics of seeing function, rather than just form following function, is what make designs like this pleasing.

    Reason why steampunk, cyberpunk is popular. Mechanical watches, knives, examples of asthetics and function being simbiotic.
Sign In or Register to comment.