W3C home > Mailing lists > Public > public-webid@w3.org > March 2012

Re: as trustworthy as the hierarchical CA system currently in place...

From: Henry Story <henry.story@bblfish.net>
Date: Tue, 6 Mar 2012 11:27:09 +0100
Cc: public-webid <public-webid@w3.org>
Message-Id: <82063B82-13AD-47F8-91E2-61A65C916A3D@bblfish.net>
To: elf Pavlik <perpetual-tripper@wwelves.org>
You could also ask your friend if he uses github for his code.
Because if he does he should look at the security hole that
was found there recently and is due to a horrendously insecure
ruby on rails default setup

 http://shiflett.org/blog/2012/mar/hacking-rails-and-github

Then he should consider the epic proportions of that hole. It is so huge
it even puts the skills of hackers in question, since they only reported 
it now.

Henry


On 6 Mar 2012, at 11:18, elf Pavlik wrote:

> Excerpts from Henry Story's message of 2012-03-06 09:53:27 +0000:
>> 
>> On 5 Mar 2012, at 11:46, elf Pavlik wrote:
>> 
>>> 
>>> trying https connections to domains of people your website states that you know:
>>> https://bblfish.net/ - (exception - common name www.foafssl.org) issuer: StartCom Ltd.
>> 
>> That is because I don't yet have an https WebID, and I never claimed I did. You can't just
>> take an http url, s/http/https/ and get a valid URL; unless you find me making an owl:sameAs
>> claim.
> i haven't said that you've claimed https webid yet ;)
> and i get your point here!
> 
>> 
>> The https port on that machine is foafssl.org.
>> 
>> I am building a 100% https web server, which will then give me an https WebID.
> i've tried to switch all my websites to HTTPS and start always using https:// when linking to them, but than having only single IP on the VPS which a friend made available to me, i've realized that some people who may like to see those sites still use windows xp, which has problems with SNI, as well as some other platform/browser combinations [1]
> 
> if you or anyone here have by any chance some tips on how to deal with this limitation i would appreciate any pointers!
> 
> [1] https://en.wikipedia.org/wiki/Server_Name_Indication#No_support
> 
> =)
> ~ elf pavlik ~

Social Web Architect
http://bblfish.net/
Received on Tuesday, 6 March 2012 10:27:42 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:33 UTC