On Thu, May 13, 2010 at 10:37 AM, kuhkatz <kuhk...@googlemail.com> wrote:
> i got a knew ssl-cert from twitter.com today, which looks suspicious to me, > but i am not sure. > issue date: 26.05.2009 > valid until: 28.05.2010 The twitter.com cert, as assigned by Equifax/RapidSSL is about to expire and we are going to upgrade (in the next day or two) to a Verisign Class 3 EV Cert for twitter.com. On api.twitter.com, the cert will expire on July 26th, and we are upgrading that certificate as well. We are also deprecating the use of SSLv2 and will remove that cipher from our supported cipher list, asking anyone who connects via SSL to use SSLv3 or TLS. > i am unsure about its validity because of the very short validity date > around two weeks, and because my firefox now shows the twitter.com page as > 'completly encrypted' which was 'encrypted with cleartext parts' until now. > > can anyone confirm if this is a valid cert from twitter.com or if something > fishy is going on? It's valid, for the next couple of weeks. -john -- John Adams Twitter Operations
