[libre-riscv-dev] [Bug 182] Move to libre-soc.org

bugzilla-daemon at libre-riscv.org bugzilla-daemon at libre-riscv.org
Tue Feb 18 04:59:12 GMT 2020


--- Comment #15 from vklr at vkten.in <vklr at vkten.in> ---
(In reply to Jacob Lifshay from comment #14)
> (In reply to vklr at vkten.in from comment #12)
> > Self-signed Certificates have the possibility of Man in the Middle Attacks,
> > if we do not do proper certificate verification in user side. Like checking
> > certificate hash signature(fingerprints).
> They also have the other major drawback of not being trusted by default by
> web browsers.

Web browsers are also user side!

> We're currently using Let's Encrypt certs. One drawback of using wildcard
> certificates is that requires using the DNS-01 challenge which requires
> programmatically/manually modifying a DNS TXT record to verify ownership of
> the domains.
> For my personal website, that actually works out better since I don't have
> my server publicly accessible (home internet & no public IP addresses), I
> can still generate https certs by manually modifying the DNS records, which
> don't require my server to have a public IP address.

We can use Acme Http challenge to issue certificates for main as well as it's
specific subdomains if we do not want wildcard certificates.

You are receiving this mail because:
You are on the CC list for the bug.

More information about the libre-riscv-dev mailing list