Domas Mituzas <midom.lists(a)gmail.com> wrote:
> Most browsers (and RSS readers and ...) will bark
at it as
> "(potentially) unsafe". Therefore, IMHO Wikimedia should
> either use established CA's certificates or publish informa-
> tion on the "private" (or CAcert) certificates on a trust-
> worthy server, in paper publications, etc. where it can be
> used to verify the certificates.
I know what happens when self-signed certificate is
used.
Why the heck is that an issue with
wikitech.wikimedia.org wiki?
Because when you access
<URI:https://wikitech.wikimedia.org/>, it will bark :-).
Would not all references to
wikitech.leuksman.com have been
advertizing the HTTPS access (and the Google ratio is still
about 55900:209 :-)), I would not care. But IMVHO *if* HTTPS
requests are served, that should be done "properly".
> P. S.: Yes, it *is* highly unlikely that
> wikitech.wikimedia.org's A record gets hijacked and a
> MITM attack is staged as little could be gained.
And then what?
I for one use HTTP to access that wiki, feel free to hijack my
account, and, um, vandalize. You won't need to do MITM for that,
actually, will save you some effort.
I thought there're more important issues out there
;-)
I can assure you you are *very* right on that thought :-).
Tim