by loftar » Tue Jul 12, 2016 8:40 pm Jalpha wrote:Pretty sure it's because the devs are cowboys who don't play by the rules and stick it to the man by refusing to renew some kind of Java license iirc.
Actually, Chrome will say that of all JNLP files, regardless of how they are signed. (Well, JNLP files aren't signed at all but rather the resource they point to &c&c, but the point still stands.) We did in fact crack under pressure and got a protection racket certificate for the official client, though I'd still like to remedy that and depart from JNLP entirely.
borka wrote:They where pointed to Let's Encrypt in IP already ;)
Pretty much what Granger said here. The whole trusted-third-party thing is intrinsically a protection racket and also broken in various ways, even if some of the providers are free-of-charge.
