X-Authentication-Warning: delorie.com: mail set sender to geda-user-bounces using -f X-Recipient: geda-user AT delorie DOT com X-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=xF+9L7S+zBpBBFGuyMBKCchs4F5tos4vZiNiwgRa8Ww=; b=Ld3ls1SxTHUjRPtJ3p6iFQtDatilcU8PQOilQAv8dObJ7ZnCUqPXrpsZU2kbC7zRT+ 36dfc8O6ndKKcx32N28RkA7N5zWX84sfabueUAmsGOi2/7IDqmx1KvDvXOOM2d4xZu3T yPEU0ufwpuiMz08qttl7Zpq3IsQ/hJmTGDYF+OXRxYjLPmyVnirFy9dAwgnjOCph+Nvn 5wZAJX0Tzcd0rQe+1hk6gRujBgxUW6cjqVg7HD3cgvi0EBlsfcj4Ny+89rpR89uUPkVM VwdL7kjcD+dTw+sgoAz4RKsGTlKdzQKGIzldaqh7XuTPeCGzMaBNm54ZP55+Fs1GLUZq CYSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=xF+9L7S+zBpBBFGuyMBKCchs4F5tos4vZiNiwgRa8Ww=; b=j1Zlg4LnGUflmYgyf3o4/WNibVj+G5cBUkrTu74+EANJifAtYvKwvcQLUu/g+qvm0A /Sq3brYMWdsa2jfNcTlzDvak/zdi9YygcrJ/l39kNNlHm9bNzXq3U/SYBni+7rJXOpFB Pyyr41Qr6hUrs20tcFrSStZKbbDK0G3SYAS4AwhB4F5Ak4H+vESqYOo2rgdEiIrDO1B0 Hv28zu+lS65aogJz/fHKxf1zi2ZBWvCUYAiIG39qvZJ1ZPZUK2LbndVzEoowYgZUBKuD cpLTiatVekSIzxLG5kF06jCGosjIeh2c/tjJ5t6bDmeFWbxiAlVntd4Og/FnNQitGEOL rEJQ== X-Gm-Message-State: AOAM530ae3JOYxJHAnXrM34Jl5EoxrcfEpnNwbCa8298hdGXnCv9ehuS sCc/MDDWUhjk/tl7IzPr0vJR6CloJ8C2lx24Dm+NX/do X-Google-Smtp-Source: ABdhPJxidV5C0wxtCdWUV/RS6yv+qhj7CG177Zyv71HWsKPsihiaCxKA2LTZTrJaDCqqaTuKUkiX2w0Rq2OwqwhWspk= X-Received: by 2002:a05:6512:3607:: with SMTP id f7mr6786768lfs.245.1613349759642; Sun, 14 Feb 2021 16:42:39 -0800 (PST) MIME-Version: 1.0 References: <20210110065529 DOT A5C7E82966EF AT turkos DOT aspodata DOT se> <20210214212322 DOT DAE81807BE6E AT turkos DOT aspodata DOT se> In-Reply-To: From: "Erich Heinzle (a1039181 AT gmail DOT com) [via geda-user AT delorie DOT com]" Date: Mon, 15 Feb 2021 11:12:27 +1030 Message-ID: Subject: Re: [geda-user] No https for pcb-rnd To: geda-user Content-Type: multipart/alternative; boundary="00000000000052714c05bb554398" Reply-To: geda-user AT delorie DOT com --00000000000052714c05bb554398 Content-Type: text/plain; charset="UTF-8" Incidentally, there are some nodes on the pcb-rnd knowledge pool talking to the security issues of software signing, https, etc, in case anyone is interested http://repo.hu/cgi-bin/pool.cgi?project=pcb-rnd&cmd=show&node=https http://repo.hu/cgi-bin/pool.cgi?project=pcb-rnd&cmd=show&node=sign Regards, Erich On Mon, 15 Feb 2021 09:33 Girvin Herr (gherrl AT fastmail DOT com) [via geda-user AT delorie DOT com], wrote: > > On 2/14/21 1:23 PM, karl AT aspodata DOT se [via geda-user AT delorie DOT com] wrote: > > Karl Hammar: > >> Girvin Herr: > >>> In the name of computer security, I am going through all of my browser > >>> bookmarks and rejecting all websites that do not support the https > >>> protocol. > >> ... > >> > >> So would a self signed certificate suffice -- since then you are using > >> "https". > > I found out that you can use https://letsencrypt.org/ instead of a > > self-signed cert: > > Let's Encrypt is a free, automated, and open certificate authority > > brought to you by the nonprofit Internet Security Research Group > (ISRG). > > > > It was pretty simple to get it to work with > > https://github.com/diafygi/acme-tiny > > > > Feel free to ask me if you need any help with setting it up. > > > > Regards, > > /Karl Hammar > > > Karl, > > Thanks for the information. I will make note of it in case I need it. > This thread is a bit old, but since I last posted to it, I had > discovered that many websites that do not use https for their home page, > do use it for their e-business login, so I don't have a problem with > them. It is the ones who conduct business in the clear that I put in > quarantine and they were few. A while back, Firefox was complaining > about my login to LinuxQuestions.org. They were conducting my login in > the clear. They have since corrected that error. > > As for certificates, Slackware does update the "ca-certificates" package > fairly regularly, so I have not been having any problems with > certificates. The last time I was having a certificate problem was when > my CMOS battery ran low without my notice and caused the certificate > time checks to fail. Once I replaced the battery and re-set the clock, > everything ran fine again. > > Thanks again for the info and take care. > > Girvin > > > > --00000000000052714c05bb554398 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Incidentally, there are some nodes on t= he pcb-rnd knowledge pool talking to the security issues of software signin= g, https, etc, in case anyone is interested

On Mon, 15 Feb 2021 09:33 Girvin Herr (gherrl AT fastmail DOT com) [via geda-user AT delorie DOT com], <geda-user AT delorie DOT com> wrote:

On 2/14/21 1:23 PM, karl AT aspodata DOT se [via geda-user AT delorie DOT com] w= rote:
> Karl Hammar:
>> Girvin Herr:
>>> In the name of computer security, I am going through all of my= browser
>>> bookmarks and rejecting all websites that do not support the h= ttps
>>> protocol.
>> ...
>>
>> So would a self signed certificate suffice -- since then you are u= sing
>> "https".
> I found out that you can use https://letsencrypt.org/ i= nstead of a
> self-signed cert:
>=C2=A0 =C2=A0Let's Encrypt is a free, automated, and open certifica= te authority
>=C2=A0 =C2=A0brought to you by the nonprofit Internet Security Research= Group (ISRG).
>
> It was pretty simple to get it to work with
>=C2=A0 =C2=A0https://github.com/diafygi/acme-tiny=
>
> Feel free to ask me if you need any help with setting it up.
>
> Regards,
> /Karl Hammar
>
Karl,

Thanks for the information. I will make note of it in case I need it.
This thread is a bit old, but since I last posted to it, I had
discovered that many websites that do not use https for their home page, do use it for their e-business login, so I don't have a problem with them. It is the ones who conduct business in the clear that I put in
quarantine and they were few. A while back, Firefox was complaining
about my login to LinuxQuestions.org. They were conducting my login in
the clear. They have since corrected that error.

As for certificates, Slackware does update the "ca-certificates" = package
fairly regularly, so I have not been having any problems with
certificates. The last time I was having a certificate problem was when my CMOS battery ran low without my notice and caused the certificate
time checks to fail. Once I replaced the battery and re-set the clock,
everything ran fine again.

Thanks again for the info and take care.

Girvin



--00000000000052714c05bb554398--