On 14/10/13 11:40, Robin Berjon wrote: > On 11/10/2013 17:15 , Tobie Langel wrote: >> On Friday, October 11, 2013 at 5:05 PM, James Graham wrote: >>> I don't really know how you would get a certificate for such a hostname >>> though. A self-signed cert. isn't good enough since browsers will >>> complain about it. I assume no CA will actually sign such a cert. >>> (additionally, the name is theoretically resolvable; someone could pay >>> for the .test tld. Hopefully that's not a big risk, but it's hard to >>> know). >> >> Why don't we just purchase a domain name and use it only for that? > > Yeah, in case I wasn't clear that's one of the options I was thinking > of. I only mentioned using a non-existing TLD to provide perhaps > stronger guarantee that it won't resolve, but we can easily just own the > domain and pledge never to use it. > Hmm, well I don't have a concrete objection except that it feels very dubious to start passing a private key around, even if we are never going to use the domain for any other purpose. I would at least like someone who understand this stuff better than me to say that it's an OK idea before I agree to it :)Received on Monday, 14 October 2013 10:48:58 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:34:10 UTC