topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Wednesday December 11, 2024, 10:14 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Secured Access to Forum  (Read 3549 times)

housetier

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 1,321
    • View Profile
    • Donate to Member
Secured Access to Forum
« on: January 14, 2008, 07:33 AM »
I just saw it is possible to access dc.com via https. While I think this is absolutely terrific, my favorite webbrowser does not like the fact that some content is not transmitted via https. So far I have added an exception for dc.com so firefox will accept the certificate. Also the certificate does not seem to be signed by a Certificate Authority (CA) such as CAcert.org.

The red font indicates something: red-adddress-bar.pngSecured Access to Forum

Also, the lock symbol is "broken": broken-lock.pngSecured Access to Forum

And when I look at the details, I see why the address is red and the lock is broken: partial-encrpytion.pngSecured Access to Forum

CAcert is a CA whose certificates are free, which is why its competitor fight hard so software vendors won't include their Root Certificates into products...

cacert300x120.png

There are instructions how to get a certificate signed by CAcert. Then users only need to import (and trust) the Root Certificate from CAcert: PEM format seems to be right for most browsers except Internet Explorer.

If dc.com could get a server certificate from, say, verisign, users would not have to do anything; however, these certificates usually cost money. I know all this is a hassle, but in this day and age security, protection, or trust don't come easy...