:: Re: [DNG] problem at talk.devuan.or…
Forside
Slet denne besked
Besvar denne besked
Skribent: Arnt Karlsen
Dato:  
Til: dng
Emne: Re: [DNG] problem at talk.devuan.org?
On Wed, 5 Apr 2017 06:35:40 +0200, Miroslav wrote in message
<20170405043540.GA9912@???>:

> On 170403-23:32+0200, Massimiliano Baldinelli wrote:
> > Ciao!
> >
> > I don't know if its' an already known issue, but since this morning
> > I'm getting a SEC_ERROR_EXPIRED_CERTIFICATE when browsing
> > talk.devuan.org.
> >
> > Max.
>
> I just tried to open, in Palemoon, in my Gentoo, pasted
> talk.devuan.org, and it turned into HTTPS [1]
> https://talk.devuan.org/
>
> And I got:
>
> This Connection is Untrusted
>
> You have asked Pale Moon to connect securely to talk.devuan.org, but
> we can't confirm that your connection is secure.
>
> Normally, when you try to connect securely, sites will present trusted
> identification to prove that you are going to the right place.
> However, this site's identity can't be verified. What Should I Do?
>
> If you usually connect to this site without problems, this error could
> mean that someone is trying to impersonate the site, and you shouldn't
> continue.
> ...


..trying with Chromium, I get:
"Your connection is not private

Attackers might be trying to steal your information from
talk.devuan.org (for example, passwords, messages, or credit cards).
NET::ERR_CERT_DATE_INVALID ReloadHIDE ADVANCED talk.devuan.org
normally uses encryption to protect your information. When Chromium
tried to connect to talk.devuan.org this time, the website sent back
unusual and incorrect credentials. This may happen when an attacker is
trying to pretend to be talk.devuan.org, or a Wi-Fi sign-in screen has
interrupted the connection. Your information is still secure because
Chromium stopped the connection before any data was exchanged.

You cannot visit talk.devuan.org right now because the website uses
HSTS. Network errors and attacks are usually temporary, so this page
will probably work later. Learn more."

..trying http://talk.devuan.org/ , I immediately get thrown back to
the https mess above.

>
>
> ---
> [1]
> which is not necessarily the case for e.g. dev1galaxy.org, they allow
> HTTP, so if your browser, e.g. Pale Moon --poor or no support from
> HTTPS Everywhere-- does not seek HTTPS automatically, dev1galaxy.org
> will even log you on in plaintext: that's an issue, to my
> understanding; I already reported it to dev1galaxy.org maintainers
>



--
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.