Justis Peters wrote: > Unfortunately, the SSL > certificate for https://lists.shorewall.net is self signed, though. Is > this how it has been forever, or has the server been hacked?
That's the way that it has been since day one. > With it > being self signed, there's no chain of trust to assure me that the site > hasn't been hacked. Could anybody provide me with a copy of the > Shorewall GPG key that they consider valid? Attached. > > If it is the normal case that the certificate is self signed, I'd like > to suggest that lists.shorewall.net apply for a certificate from > http://www.cacert.org/. That would at least provide a chain of trust > that I can rely on, even if it's not imported into most browsers. This > way, I can assure my client that the code I installed on their server is > validly the shorewall that we all know and love rather than a trojan horse. If and when I ever get the time and money to build a new server, I'll look into cacert.org. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
shorewall.gpg.key
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
