Welcome to the php ebenezer's messageboard
see bottom for more info


Re: ssl (23/10/17 22:44:04)
    Browsers in the very near future want to force everything thru https - basically disabling any http traffic to non-technical people.

    This *is* good. Although you should keep in mind, that TLS is only as strong an encryption as the ciphers and hash-algos you use.

    The not as good side is that all websites need to:
    -spend money on certificates.

    Nope. Unfortunately StartSSL damaged the field very bad. But there's still https://letsencrypt.org" and cacert.org. Most unfortunately, the latters are not welcomed by the major browsers. Letsencrypt, though, *is*. So you do have free certificates at your hands. Most professional web hosting companies do offer comparably cheap "professional" certificates as well.

    -reveal their identity
    Why? When you order an TLS certificate, you can create your own CSR. What information you put into that request, is your choice.

    -or spend more money on hiding their identity.
    ( Roll back the clock to '95. There wouldn't be Fravia - at least not for long.)

    IBTD. Especially Fravia would have found enough people helping out. Ever searched whois for the different domains you could then use to get access to his website?

    "CAA creates a DNS mechanism that enables domain name owners to whitelist CAs that are allowed to issue certificates for their hostnames. It operates via a new DNS resource record (RR) called CAA (type 257). Owners can restrict certificate issuance by specifying zero or more CAs; if a CA is allowed to issue a certificate, their own hostname will be in the DNS record."

    Hadn't seen this before. Will have to read up.


back to main board expand thread
Name email
Enter your message here :
Ask for confirmation if modified Are you not a spammer?
Show allowed tags
Show me the last post since :
local time shift :

come again

messageboard's PHP script is a courtesy of Laurent

 This board has been visited 1142798 timesCurrent time is 03/08/20 08:50:21
Re: ssl