[libre-riscv-dev] [Bug 182] Move to libre-soc.org

bugzilla-daemon at libre-riscv.org bugzilla-daemon at libre-riscv.org
Tue Feb 18 04:59:12 GMT 2020


http://bugs.libre-riscv.org/show_bug.cgi?id=182

--- Comment #15 from vklr at vkten.in <vklr at vkten.in> ---
(In reply to Jacob Lifshay from comment #14)
> (In reply to vklr at vkten.in from comment #12)
> > Self-signed Certificates have the possibility of Man in the Middle Attacks,
> > if we do not do proper certificate verification in user side. Like checking
> > certificate hash signature(fingerprints).
> 
> They also have the other major drawback of not being trusted by default by
> web browsers.
> 

Web browsers are also user side!

> We're currently using Let's Encrypt certs. One drawback of using wildcard
> certificates is that requires using the DNS-01 challenge which requires
> programmatically/manually modifying a DNS TXT record to verify ownership of
> the domains.
> 
> For my personal website, that actually works out better since I don't have
> my server publicly accessible (home internet & no public IP addresses), I
> can still generate https certs by manually modifying the DNS records, which
> don't require my server to have a public IP address.

We can use Acme Http challenge to issue certificates for main as well as it's
specific subdomains if we do not want wildcard certificates.

-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the libre-riscv-dev mailing list