[libre-riscv-dev] [Bug 182] Move to libre-soc.org
bugzilla-daemon at libre-riscv.org
bugzilla-daemon at libre-riscv.org
Tue Feb 18 01:16:35 GMT 2020
http://bugs.libre-riscv.org/show_bug.cgi?id=182
--- Comment #14 from Jacob Lifshay <programmerjake at gmail.com> ---
(In reply to vklr at vkten.in from comment #12)
> Self-signed Certificates have the possibility of Man in the Middle Attacks,
> if we do not do proper certificate verification in user side. Like checking
> certificate hash signature(fingerprints).
They also have the other major drawback of not being trusted by default by web
browsers.
> While Let's Encrypt certificates have certification from root authorities.
> It is to be noted their certificates are valid only for 90 days. They have
> to be periodically renewed using acme clients; either manually or
> automatically
> using cron.
We're currently using Let's Encrypt certs. One drawback of using wildcard
certificates is that requires using the DNS-01 challenge which requires
programmatically/manually modifying a DNS TXT record to verify ownership of the
domains.
For my personal website, that actually works out better since I don't have my
server publicly accessible (home internet & no public IP addresses), I can
still generate https certs by manually modifying the DNS records, which don't
require my server to have a public IP address.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the libre-riscv-dev
mailing list