Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Y! / SSL

Andrew Lewis me at andrewlew.is
Sun Oct 5 20:58:37 PDT 2014


I am also flipping over to HTTPS, and chrome is reporting that the cert is valid, and upon inspection all looks as it should be. The trust chain goes up to a Versign root cert, so my guess is that is a bad cert you are seeing, and if inside china it might just be a plain old mitm.

-Andrew


On Oct 5, 2014, at 11:52 PM, Eric S Johnson <crates at oneotaslopes.org> wrote:

> I just got back to CN from a vacation. I’m now (in all three main Windows browsers) seeing yahoo.com automatically flip over to HTTPS--and then give a bad cert error. The *root* cert is listed as yahoo.com and is valid “23 Sep 14 to 23 Sep 15.”
>  
> Is Y! experimenting with making access to their resources always-only-HTTPS? Are they having certificate problems? “HTTP only” seems like a good direction in which to go, but teaching people to accept bad cert warnings seems like a bad direction in which to go.
>  
> Best,
> Eric
> OpenPGP: 0x1AF7E6F2 ● Skype: oneota ● XMPP/OTR: berekum at jabber.ccc.de ● Silent Circle: +1 312 614-0159
> -- 
> Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated:https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20141005/facd4f1a/attachment.html>


More information about the liberationtech mailing list