??changed: -Currently we use our own TLS (https) certificates. -See '~/infra/CA.sh' (run with --help). - -The root CA, and the children certificates for each websites, are renewed for 1 year:: - - mv ~/tls ~/tls.2006 - ~/infra/CA.sh createCA - # the same authority (independently of its successive certs!) cannot use the same serial number twice - cp ~/tls.2006/demoCA/serial ~/tls/demoCA - ~/infra/CA.sh renew - ~/infra/CA.sh install - -Meanwhile, one of us should go discuss with cacert.org so they don't -provide their software under a non-free license, then we could use -their certificates instead of our self-signed ones. -https://savannah.gnu.org/support/?104690 - -Jag once offered to go classical and get a certificate signed by an authority already present in web browser (as done with fsf.org). -It would be interesting to foster alternate web of trusts though, and use CAcert. -[2 more lines...] Check https documentation at:
* http://savannah.gnu.org/tls/ * http://savannah.gnu.org/tls/tutorial/ Here's one of the requests to support CAcert: * http://savannah.gnu.org/support/?104690 -- forwarded from https://savannah.gnu.org/maintenance/tls#msg20091112105425+0...@https://savannah.gnu.org/maintenance _______________________________________________ Savannah-cvs mailing list [email protected] http://lists.gnu.org/mailman/listinfo/savannah-cvs
