On 12/16/2013 12:35 PM, Daniel Kahn Gillmor wrote: > Regardless of how you feel about the CA cartel in general, StartSSL is > not the only member of the cartel offering gratis certs, particularly > for well-known free software projects
Oh interesting, I didn't realize there were other CAs that give gratis certs. I don't think it matters at all what CA is used as long as browsers trust it, and I only suggested StartSSL because it's less scamy when it doesn't cost money. I hope some day one of the decentralized trust solutions takes over CAs. But on the topic of improving the HTTPS support on gnupg.org, I think torproject.org is pretty much an ideal example. They serve binaries of Tor Browser Bundle from https://www.torproject.org/ and have been attacked by governments all over the world, so they've put a lot of time and energy in doing things right. I'd like to see GPG have just as good web security. (And for that matter, why do I have two cookies in my browser that gnupg.org set? _pk_id.1.9e41 and _pk_ses.1.9e41 -- the id one is a unique id, which means it can be used to track my movements through that domain even if I switch IPs.) -- Micah Lee
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users