Hi! > Most browsers (and RSS readers and ...) will bark at it as > "(potentially) unsafe". Therefore, IMHO Wikimedia should > either use established CA's certificates or publish informa- > tion on the "private" (or CAcert) certificates on a trust- > worthy server, in paper publications, etc. where it can be > used to verify the certificates.
I know what happens when self-signed certificate is used. Why the heck is that an issue with wikitech.wikimedia.org wiki? > P. S.: Yes, it *is* highly unlikely that > wikitech.wikimedia.org's A record gets hijacked and a > MITM attack is staged as little could be gained. And then what? I for one use HTTP to access that wiki, feel free to hijack my account, and, um, vandalize. You won't need to do MITM for that, actually, will save you some effort. I thought there're more important issues out there ;-) Domas _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
