newsNews: Announce: SSL certificates renewed

Show feedback again
Latest News
mail subsystem upgraded posted by beuc, Sat 23 May 2015 06:17:18 PM UTC - 0 replies
dl/home/cvs/svn/ upgraded to debian8 posted by beuc, Thu 21 May 2015 10:12:23 PM UTC - 0 replies SSL certificate renewed posted by zerodeux, Thu 24 Apr 2014 07:13:06 AM UTC - 2 replies
Heartbleed status and measures posted by beuc, Wed 09 Apr 2014 09:47:29 AM UTC - 0 replies
mail subsystem automatically reinstalled posted by beuc, Sat 08 Mar 2014 11:02:17 PM UTC - 0 replies
[124 news in archive]

Security Announce: SSL certificates renewed

Item posted by Mathieu Roy <yeupou> on Sun 15 Feb 2004 12:07:47 PM UTC.

Hash: SHA1

SSL certificates for and has been renewed for 1200 days.

These certificates are not signed by a real certificate authority: their purpose is not to confirm our identity but to provide you a way to be sure that and today are running on the same machine they were yesterday. Also, certificates are required for an https server to run, and https is a way to secure all the data transiting between your computer and our servers, like authentication information.

Mathieu Roy <> for Gna!
Version: GnuPG v1.2.4 (GNU/Linux)



Message: 108
RE: GPG signing (posted by yeupou, Mon 16 Feb 2004 06:55:35 PM UTC)

1) The signature is not valid because savane add < and > around email address and I had the bad idea to add my address.

If you remove the < >, I bet it would be ok.

2) Getting an Savane account cracked is possible. I guess that a gpg key may be cracked too, however I think it is a way tougher job, if not impossible. Security announces should definitely rely on a very secure signature, like GPG, unlike being logged on Gna! Also, security announces at Gna! should not depends on the Gna! structure itself to confirm it is validity: if Gna! was cracked, it would be easy to make false announces if the checks on the announces are made with Gna! specific stuff itself.
In this case, it would takes Gna! to be cracked and my own GPG key to be cracked, two things unlikely to happen at the same time.

Thread Author Date
GPG signingzerodeuxMon 16 Feb 2004 01:11:50 PM UTC
      RE: GPG signingyeupouMon 16 Feb 2004 06:55:35 PM UTC
      RE: GPG signing 2yeupouMon 16 Feb 2004 07:01:47 PM UTC
            RE: GPG signing 2yeupouMon 16 Feb 2004 07:02:22 PM UTC


Post a followup to this message

You could post if you were logged in
Show feedback again

Back to the top

Powered by Savane 3.1-cleanup