Consolidated Business & Enterprise Computing Rant Thread

Discussion in 'Business & Enterprise Computing' started by elvis, Jul 1, 2008.

  1. Dre_

    Dre_ Member

    Joined:
    May 25, 2014
    Messages:
    824
    How? It takes like 5 minutes to set up for life.
     
    NSanity likes this.
  2. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,384
    Location:
    Brisbane
    Network Manager, Netplan, Systemd, Avahi, Pulse Audio. Linux is dead. Migrating to PonyOS.
    https://ponyos.org/
     
    GumbyNoTalent likes this.
  3. EvilGenius

    EvilGenius Member

    Joined:
    Apr 26, 2005
    Messages:
    10,532
    Location:
    elsewhere
    This may be the equivalent moment of one of my favourite youtubers rage quitting in the middle of a stream and installing hellokitty online...
     
    elvis likes this.
  4. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,384
    Location:
    Brisbane
    I genuinely can't keep up any more. Seems every week there's a new tantrum about an SSL vendor.

    If it's not important, I go cheap like RapidSSL or someone. If it's important, I spy on the banks with SSL Labs' Test. For all my own stuff I've been on Let's Encrypt for ages.

    These days almost everyone big seems to be owned by Symantec, and Google continue to have an ongoing spat with them, so it's hard to keep up.
     
  5. wullieb1

    wullieb1 Member

    Joined:
    Jul 9, 2013
    Messages:
    466
    We've used GoDaddy for our external certs for a number of years with no issues.
     
  6. GumbyNoTalent

    GumbyNoTalent Member

    Joined:
    Jan 8, 2003
    Messages:
    8,295
    Location:
    Briz Vegas
  7. wullieb1

    wullieb1 Member

    Joined:
    Jul 9, 2013
    Messages:
    466
    Send to spam bin
     
  8. CptVipeR

    CptVipeR Member

    Joined:
    Jun 28, 2001
    Messages:
    811
    Location:
    Hobart
    We use GoDaddy and get cold calls every 3 months or so asking us if everything is Ok, can we help you with more certs etc.
    Usually some Australian number but a VoIP relay with a US guy.

    So annoying.
     
  9. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,384
    Location:
    Brisbane
    This is why I don't have a work phone.

    Young dudes at work always get so uptight when they don't have a phone, as if it's some sort of status symbol. Meanwhile they're fielding all the spammy vendors, and taking messages for me like my personal assistant. Suckers.
     
  10. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,884
    Thats why I always give vendors your Personal mobile number.
     
    looktall, mooboyj, NSanity and 2 others like this.
  11. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,884
    I thought Symantec sold their certificate business to Digicert last year (because of googles threats?)
    https://www.digicert.com/news/digicert-completes-acquisition-of-symantec-ssl/

    I've used digicert in the past, and while they are not the cheapest, they have a decent portal and good support.
     
  12. GumbyNoTalent

    GumbyNoTalent Member

    Joined:
    Jan 8, 2003
    Messages:
    8,295
    Location:
    Briz Vegas
    miicah and kjparker like this.
  13. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,384
    Location:
    Brisbane
    That goes on silent, and only gets answered if its my wife or kids. Everyone else gets to hear my very witty voicemail rant.

    I see.

    Yeah, this is me not keeping up with that drama. I think once Let's Encrypt got to the point of being mildly competent, I jumped ship holus-bolus.
     
  14. Doc-of-FC

    Doc-of-FC Member

    Joined:
    Aug 30, 2001
    Messages:
    3,377
    Location:
    Canberra
    since 2011 (the Sophos article date) a lot has changed around things like Certificate Transparency Facebook have their own CT monitoring tool that anyone can use (need to have a FB account) - CertSpotter is free from memory, and Graham Edgecombe has a 'health checker' for CA CT servers.

    RFC 6844 was Jan 2013 - DNS CAA has come a way since then, DNS CAA MUST be honored since September 2017.

    The CA model is broken, there are bandaids to try and shore up the 'trust' in the market, although MD5 has been phased out for CA hashing and SHA-1 has been phased out for issuing CA's, there are still some trusted Root CA's with MD5 hashing, quietly waiting for a signature collision ;)
     
    Last edited: Jul 26, 2018
  15. CptVipeR

    CptVipeR Member

    Joined:
    Jun 28, 2001
    Messages:
    811
    Location:
    Hobart
    Gold! my daughter will love this!! :)
     
    slavewone, 2SHY and elvis like this.
  16. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,384
    Location:
    Brisbane
  17. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,384
    Location:
    Brisbane
    Amazon Lightsail DNS still doesn't give me CAA records. Hurumph.

    BLOCKCHAIN!!!!11one1!1

    obama_mic_drop.gif
     
    NSanity, 2SHY, Daemon and 3 others like this.
  18. greebs

    greebs Member

    Joined:
    Dec 30, 2001
    Messages:
    955
    Location:
    Melbourne
    I always read this, but don't experience the same thing - I have multiple domains with them (both personal and work), and get 2 summary emails from them a month (one per account). Plus the normal expiry ones (which are usually combined).
     
  19. Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,608
    Location:
    Brisbane
    But that would mean there is a real world use that isn't hype!!!!
     
  20. Doc-of-FC

    Doc-of-FC Member

    Joined:
    Aug 30, 2001
    Messages:
    3,377
    Location:
    Canberra
    ACME V2 - Wildcard certs.

    Take your money elsewhere, Cloudflare maybe?

    Revocation becomes interesting ;)

    Every client needs a whole ledger to validate as apposed to reaching for a .crl file
     

Share This Page

Advertisement: