Mail Archives: geda-user/2021/02/14/19:44:11
| X-Authentication-Warning: | delorie.com: mail set sender to geda-user-bounces using -f
|
| X-Recipient: | geda-user AT delorie DOT com
|
| X-Original-DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed;
|
| d=gmail.com; s=20161025;
|
| h=mime-version:references:in-reply-to:from:date:message-id:subject:to;
|
| bh=xF+9L7S+zBpBBFGuyMBKCchs4F5tos4vZiNiwgRa8Ww=;
|
| b=Ld3ls1SxTHUjRPtJ3p6iFQtDatilcU8PQOilQAv8dObJ7ZnCUqPXrpsZU2kbC7zRT+
|
| 36dfc8O6ndKKcx32N28RkA7N5zWX84sfabueUAmsGOi2/7IDqmx1KvDvXOOM2d4xZu3T
|
| yPEU0ufwpuiMz08qttl7Zpq3IsQ/hJmTGDYF+OXRxYjLPmyVnirFy9dAwgnjOCph+Nvn
|
| 5wZAJX0Tzcd0rQe+1hk6gRujBgxUW6cjqVg7HD3cgvi0EBlsfcj4Ny+89rpR89uUPkVM
|
| VwdL7kjcD+dTw+sgoAz4RKsGTlKdzQKGIzldaqh7XuTPeCGzMaBNm54ZP55+Fs1GLUZq
|
| CYSQ==
|
| X-Google-DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed;
|
| d=1e100.net; s=20161025;
|
| h=x-gm-message-state:mime-version:references:in-reply-to:from:date
|
| :message-id:subject:to;
|
| bh=xF+9L7S+zBpBBFGuyMBKCchs4F5tos4vZiNiwgRa8Ww=;
|
| b=j1Zlg4LnGUflmYgyf3o4/WNibVj+G5cBUkrTu74+EANJifAtYvKwvcQLUu/g+qvm0A
|
| /Sq3brYMWdsa2jfNcTlzDvak/zdi9YygcrJ/l39kNNlHm9bNzXq3U/SYBni+7rJXOpFB
|
| Pyyr41Qr6hUrs20tcFrSStZKbbDK0G3SYAS4AwhB4F5Ak4H+vESqYOo2rgdEiIrDO1B0
|
| Hv28zu+lS65aogJz/fHKxf1zi2ZBWvCUYAiIG39qvZJ1ZPZUK2LbndVzEoowYgZUBKuD
|
| cpLTiatVekSIzxLG5kF06jCGosjIeh2c/tjJ5t6bDmeFWbxiAlVntd4Og/FnNQitGEOL
|
| rEJQ==
|
| X-Gm-Message-State: | AOAM530ae3JOYxJHAnXrM34Jl5EoxrcfEpnNwbCa8298hdGXnCv9ehuS
|
| sCc/MDDWUhjk/tl7IzPr0vJR6CloJ8C2lx24Dm+NX/do
|
| X-Google-Smtp-Source: | ABdhPJxidV5C0wxtCdWUV/RS6yv+qhj7CG177Zyv71HWsKPsihiaCxKA2LTZTrJaDCqqaTuKUkiX2w0Rq2OwqwhWspk=
|
| X-Received: | by 2002:a05:6512:3607:: with SMTP id f7mr6786768lfs.245.1613349759642;
|
| Sun, 14 Feb 2021 16:42:39 -0800 (PST)
|
| MIME-Version: | 1.0
|
| References: | <bde96a88-b800-6222-6138-69de5d03f0c2 AT fastmail DOT com>
|
| <20210110065529 DOT A5C7E82966EF AT turkos DOT aspodata DOT se> <20210214212322 DOT DAE81807BE6E AT turkos DOT aspodata DOT se>
|
| <d29c68d0-9052-b397-1a88-200c3864eb49 AT fastmail DOT com>
|
| In-Reply-To: | <d29c68d0-9052-b397-1a88-200c3864eb49@fastmail.com>
|
| From: | "Erich Heinzle (a1039181 AT gmail DOT com) [via geda-user AT delorie DOT com]" <geda-user AT delorie DOT com>
|
| Date: | Mon, 15 Feb 2021 11:12:27 +1030
|
| Message-ID: | <CAHUm0tMSmPEvOgK3vJXeVakT22_qnLeVDqkwBcaPvbJg+pqdug@mail.gmail.com>
|
| Subject: | Re: [geda-user] No https for pcb-rnd
|
| To: | geda-user <geda-user AT delorie DOT com>
|
| Reply-To: | geda-user AT delorie DOT com
|
--00000000000052714c05bb554398
Content-Type: text/plain; charset="UTF-8"
Incidentally, there are some nodes on the pcb-rnd knowledge pool talking to
the security issues of software signing, https, etc, in case anyone is
interested
http://repo.hu/cgi-bin/pool.cgi?project=pcb-rnd&cmd=show&node=https
http://repo.hu/cgi-bin/pool.cgi?project=pcb-rnd&cmd=show&node=sign
Regards,
Erich
On Mon, 15 Feb 2021 09:33 Girvin Herr (gherrl AT fastmail DOT com) [via
geda-user AT delorie DOT com], <geda-user AT delorie DOT com> wrote:
>
> On 2/14/21 1:23 PM, karl AT aspodata DOT se [via geda-user AT delorie DOT com] wrote:
> > Karl Hammar:
> >> Girvin Herr:
> >>> In the name of computer security, I am going through all of my browser
> >>> bookmarks and rejecting all websites that do not support the https
> >>> protocol.
> >> ...
> >>
> >> So would a self signed certificate suffice -- since then you are using
> >> "https".
> > I found out that you can use https://letsencrypt.org/ instead of a
> > self-signed cert:
> > Let's Encrypt is a free, automated, and open certificate authority
> > brought to you by the nonprofit Internet Security Research Group
> (ISRG).
> >
> > It was pretty simple to get it to work with
> > https://github.com/diafygi/acme-tiny
> >
> > Feel free to ask me if you need any help with setting it up.
> >
> > Regards,
> > /Karl Hammar
> >
> Karl,
>
> Thanks for the information. I will make note of it in case I need it.
> This thread is a bit old, but since I last posted to it, I had
> discovered that many websites that do not use https for their home page,
> do use it for their e-business login, so I don't have a problem with
> them. It is the ones who conduct business in the clear that I put in
> quarantine and they were few. A while back, Firefox was complaining
> about my login to LinuxQuestions.org. They were conducting my login in
> the clear. They have since corrected that error.
>
> As for certificates, Slackware does update the "ca-certificates" package
> fairly regularly, so I have not been having any problems with
> certificates. The last time I was having a certificate problem was when
> my CMOS battery ran low without my notice and caused the certificate
> time checks to fail. Once I replaced the battery and re-set the clock,
> everything ran fine again.
>
> Thanks again for the info and take care.
>
> Girvin
>
>
>
>
--00000000000052714c05bb554398
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"auto"><div dir=3D"auto">Incidentally, there are some nodes on t=
he pcb-rnd knowledge pool talking to the security issues of software signin=
g, https, etc, in case anyone is interested</div><div dir=3D"auto"><br></di=
v><a href=3D"http://repo.hu/cgi-bin/pool.cgi?project=3Dpcb-rnd&cmd=3Dsh=
ow&node=3Dhttps">http://repo.hu/cgi-bin/pool.cgi?project=3Dpcb-rnd&=
cmd=3Dshow&node=3Dhttps</a><div dir=3D"auto"><br></div><div dir=3D"auto=
"><a href=3D"http://repo.hu/cgi-bin/pool.cgi?project=3Dpcb-rnd&cmd=3Dsh=
ow&node=3Dsign">http://repo.hu/cgi-bin/pool.cgi?project=3Dpcb-rnd&c=
md=3Dshow&node=3Dsign</a><br></div><div dir=3D"auto"><br></div><div dir=
=3D"auto">Regards,</div><div dir=3D"auto"><br></div><div dir=3D"auto">Erich=
</div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_=
attr">On Mon, 15 Feb 2021 09:33 Girvin Herr (<a href=3D"mailto:gherrl AT fastm=
ail.com">gherrl AT fastmail DOT com</a>) [via <a href=3D"mailto:geda-user AT delorie.=
com">geda-user AT delorie DOT com</a>], <<a href=3D"mailto:geda-user AT delorie DOT co=
m">geda-user AT delorie DOT com</a>> wrote:<br></div><blockquote class=3D"gmail=
_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:=
1ex"><br>
On 2/14/21 1:23 PM, <a href=3D"mailto:karl AT aspodata DOT se" target=3D"_blank" r=
el=3D"noreferrer">karl AT aspodata DOT se</a> [via <a href=3D"mailto:geda-user AT del=
orie.com" target=3D"_blank" rel=3D"noreferrer">geda-user AT delorie DOT com</a>] w=
rote:<br>
> Karl Hammar:<br>
>> Girvin Herr:<br>
>>> In the name of computer security, I am going through all of my=
browser<br>
>>> bookmarks and rejecting all websites that do not support the h=
ttps<br>
>>> protocol.<br>
>> ...<br>
>><br>
>> So would a self signed certificate suffice -- since then you are u=
sing<br>
>> "https".<br>
> I found out that you can use <a href=3D"https://letsencrypt.org/" rel=
=3D"noreferrer noreferrer" target=3D"_blank">https://letsencrypt.org/</a> i=
nstead of a<br>
> self-signed cert:<br>
>=C2=A0 =C2=A0Let's Encrypt is a free, automated, and open certifica=
te authority<br>
>=C2=A0 =C2=A0brought to you by the nonprofit Internet Security Research=
Group (ISRG).<br>
><br>
> It was pretty simple to get it to work with<br>
>=C2=A0 =C2=A0<a href=3D"https://github.com/diafygi/acme-tiny" rel=3D"no=
referrer noreferrer" target=3D"_blank">https://github.com/diafygi/acme-tiny=
</a><br>
><br>
> Feel free to ask me if you need any help with setting it up.<br>
><br>
> Regards,<br>
> /Karl Hammar<br>
><br>
Karl,<br>
<br>
Thanks for the information. I will make note of it in case I need it. <br>
This thread is a bit old, but since I last posted to it, I had <br>
discovered that many websites that do not use https for their home page, <b=
r>
do use it for their e-business login, so I don't have a problem with <b=
r>
them. It is the ones who conduct business in the clear that I put in <br>
quarantine and they were few. A while back, Firefox was complaining <br>
about my login to LinuxQuestions.org. They were conducting my login in <br>
the clear. They have since corrected that error.<br>
<br>
As for certificates, Slackware does update the "ca-certificates" =
package <br>
fairly regularly, so I have not been having any problems with <br>
certificates. The last time I was having a certificate problem was when <br=
>
my CMOS battery ran low without my notice and caused the certificate <br>
time checks to fail. Once I replaced the battery and re-set the clock, <br>
everything ran fine again.<br>
<br>
Thanks again for the info and take care.<br>
<br>
Girvin<br>
<br>
<br>
<br>
</blockquote></div>
--00000000000052714c05bb554398--
- Raw text -