Re: as trustworthy as the hierarchical CA system currently in place...

You could also ask your friend if he uses GitHub for his code.
Because if he does, he should look at the security hole that
was found there recently and is due to a horrendously insecure
Ruby on Rails default setup.

 http://shiflett.org/blog/2012/mar/hacking-rails-and-github

Then he should consider the epic proportions of that hole. It is so huge
it even puts the skills of hackers in question, since they only reported 
it now.

Henry


On 6 Mar 2012, at 11:18, elf Pavlik wrote:

> Excerpts from Henry Story's message of 2012-03-06 09:53:27 +0000:
>> 
>> On 5 Mar 2012, at 11:46, elf Pavlik wrote:
>> 
>>> 
>>> trying https connections to domains of people your website states that you know:
>>> https://bblfish.net/ - (exception - common name www.foafssl.org) issuer: StartCom Ltd.
>> 
>> That is because I don't yet have an https WebID, and I never claimed I did. You can't just
>> take an http url, s/http/https/ and get a valid URL; unless you find me making an owl:sameAs
>> claim.
> i haven't said that you've claimed https webid yet ;)
> and i get your point here!
> 
>> 
>> The https port on that machine is foafssl.org.
>> 
>> I am building a 100% https web server, which will then give me an https WebID.
> i've tried to switch all my websites to HTTPS and start always using https:// when linking to them, but then having only single IP on the VPS which a friend made available to me, i've realized that some people who may like to see those sites still use windows xp, which has problems with SNI, as well as some other platform/browser combinations [1]
> 
> if you or anyone here have by any chance some tips on how to deal with this limitation i would appreciate any pointers!
> 
> [1] https://en.wikipedia.org/wiki/Server_Name_Indication#No_support
> 
> =)
> ~ elf pavlik ~

Social Web Architect
http://bblfish.net/

Received on Tuesday, 6 March 2012 10:27:42 UTC