Discussion in 'Business & Enterprise Computing' started by elvis, Jul 1, 2008.
How? It takes like 5 minutes to set up for life.
Network Manager, Netplan, Systemd, Avahi, Pulse Audio. Linux is dead. Migrating to PonyOS.
This may be the equivalent moment of one of my favourite youtubers rage quitting in the middle of a stream and installing hellokitty online...
I genuinely can't keep up any more. Seems every week there's a new tantrum about an SSL vendor.
If it's not important, I go cheap like RapidSSL or someone. If it's important, I spy on the banks with SSL Labs' Test. For all my own stuff I've been on Let's Encrypt for ages.
These days almost everyone big seems to be owned by Symantec, and Google continue to have an ongoing spat with them, so it's hard to keep up.
We've used GoDaddy for our external certs for a number of years with no issues.
Except constant spam.
So FB is down 24% from the backlash after reporting.
Send to spam bin
We use GoDaddy and get cold calls every 3 months or so asking us if everything is Ok, can we help you with more certs etc.
Usually some Australian number but a VoIP relay with a US guy.
This is why I don't have a work phone.
Young dudes at work always get so uptight when they don't have a phone, as if it's some sort of status symbol. Meanwhile they're fielding all the spammy vendors, and taking messages for me like my personal assistant. Suckers.
Thats why I always give vendors your Personal mobile number.
I thought Symantec sold their certificate business to Digicert last year (because of googles threats?)
I've used digicert in the past, and while they are not the cheapest, they have a decent portal and good support.
So my number is +61-3-8652-1453 or +1-760-706-7425
Rick Astley - Never Gonna Give You Up (Video)
458,760,955 views Youtube.
That goes on silent, and only gets answered if its my wife or kids. Everyone else gets to hear my very witty voicemail rant.
Yeah, this is me not keeping up with that drama. I think once Let's Encrypt got to the point of being mildly competent, I jumped ship holus-bolus.
since 2011 (the Sophos article date) a lot has changed around things like Certificate Transparency Facebook have their own CT monitoring tool that anyone can use (need to have a FB account) - CertSpotter is free from memory, and Graham Edgecombe has a 'health checker' for CA CT servers.
RFC 6844 was Jan 2013 - DNS CAA has come a way since then, DNS CAA MUST be honored since September 2017.
The CA model is broken, there are bandaids to try and shore up the 'trust' in the market, although MD5 has been phased out for CA hashing and SHA-1 has been phased out for issuing CA's, there are still some trusted Root CA's with MD5 hashing, quietly waiting for a signature collision
Gold! my daughter will love this!!
Holy shit, pressing "1" gives you a retro chip-tunes version! Best day!
Amazon Lightsail DNS still doesn't give me CAA records. Hurumph.
I always read this, but don't experience the same thing - I have multiple domains with them (both personal and work), and get 2 summary emails from them a month (one per account). Plus the normal expiry ones (which are usually combined).
But that would mean there is a real world use that isn't hype!!!!
ACME V2 - Wildcard certs.
Take your money elsewhere, Cloudflare maybe?
Revocation becomes interesting
Every client needs a whole ledger to validate as apposed to reaching for a .crl file