SSL/TSL Certificate for site

Thoughts on the further development of Haven & Hearth? Feel free to opine!
Post a reply

SSL/TSL Certificate for site

Postby Tonatos » Mon Mar 28, 2016 8:57 am

Hello dear Lofter and jorb.

I see your ssl certificate for this site is not safe.
So, you can update the certificate, because there is a good free certification center as a https://letsencrypt.org/

Nic.
Tonatos
 
Posts: 4
Joined: Fri Nov 05, 2010 9:38 pm
Top

Re: SSL/TSL Certificate for site

Postby Fostik » Mon Mar 28, 2016 9:54 am

What for?
Game server already have a correct SSL.
Dont think that forum needs it.
Known as zunzon. Contact discord: zunzon.
User avatar
Fostik
 
Posts: 2003
Joined: Tue Jul 05, 2011 4:08 pm
Location: EU
Top

Re: SSL/TSL Certificate for site

Postby shubla » Mon Mar 28, 2016 10:25 am

But theres account that you log on. And theres some real money purchases linked to that account. (Hats, subscriptions etc.)
It would be bad to lose that account because of poor security.
It wouldnt be unheard if somone would try steal accounts by some weird way in hnh community.
Image
I'm not sure that I have a strong argument against sketch colors - Jorb, November 2019
http://i.imgur.com/CRrirds.png?1
Join the moderated unofficial discord for the game! https://discord.gg/2TAbGj2
Purus Pasta, The Best Client
User avatar
shubla
 
Posts: 13043
Joined: Sun Nov 03, 2013 11:26 am
Location: Finland
Top

Re: SSL/TSL Certificate for site

Postby Fostik » Mon Mar 28, 2016 12:03 pm

shubla wrote:But theres account that you log on. And theres some real money purchases linked to that account. (Hats, subscriptions etc.)
It would be bad to lose that account because of poor security.
It wouldnt be unheard if somone would try steal accounts by some weird way in hnh community.


There's only catalog of products. You paying in integrated swift system. Its safe.
Known as zunzon. Contact discord: zunzon.
User avatar
Fostik
 
Posts: 2003
Joined: Tue Jul 05, 2011 4:08 pm
Location: EU
Top

Re: SSL/TSL Certificate for site

Postby Tonatos » Mon Mar 28, 2016 3:02 pm

Fostik wrote:What for?
Dont think that forum needs it.

In most cases you right - for forum it is overhead, but I send account credentials in raw form. It's not secure! In open WiFi network is very easy to intercept this data.
I understand this is my personal opinion on the safety (early paranoia?!), but still why not?
Tonatos
 
Posts: 4
Joined: Fri Nov 05, 2010 9:38 pm
Top

Re: SSL/TSL Certificate for site

Postby Granger » Mon Mar 28, 2016 5:20 pm

Given the amount of shady certification authorities included in browsers these days a self signed certificate is, after accepting it permanently (=pinning), actually safer than a bought one which can be overridden without warning.

The warning is borderlining extortion since it just states that the issuer of that certificate didn't pay up the danegelt.
⁎ Mon Mar 22, 2010 ✝ Thu Jan 23, 2020
User avatar
Granger
 
Posts: 9263
Joined: Mon Mar 22, 2010 2:00 pm
Top

Re: SSL/TSL Certificate for site

Postby loftar » Wed Mar 30, 2016 5:36 pm

Granger wrote:Given the amount of shady certification authorities included in browsers these days a self signed certificate is, after accepting it permanently (=pinning), actually safer than a bought one which can be overridden without warning.

The warning is borderlining extortion since it just states that the issuer of that certificate didn't pay up the danegelt.

I came here to write pretty much this. PKI is, and always has been, retarded.
"Object-oriented design is the roman numerals of computing." -- Rob Pike
User avatar
loftar
 
Posts: 8926
Joined: Fri Apr 03, 2009 7:05 am
Top

Re: SSL/TSL Certificate for site

Postby StaggerNight » Wed Mar 30, 2016 8:05 pm

I think its a good Idea to put some security. Thats all I got to say
Animator - I guess

Twitter: https://twitter.com/?lang=en
User avatar
StaggerNight
 
Posts: 156
Joined: Sun Apr 26, 2015 4:40 am
Location: Oregon
Top
Post a reply

Return to Critique & Ideas

Who is online

Users browsing this forum: No registered users and 107 guests

Shoppe
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group