Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Y! / SSL

Philipp Winter phw at nymity.ch
Mon Oct 6 02:12:34 PDT 2014


On Mon, Oct 06, 2014 at 11:52:02AM +0800, Eric S Johnson wrote:
> I just got back to CN from a vacation. I’m now (in all three main
> Windows browsers) seeing yahoo.com automatically flip over to
> HTTPS--and then give a bad cert error. The *root* cert is listed as
> yahoo.com and is valid “23 Sep 14 to 23 Sep 15.”
>
> Is Y! experimenting with making access to their resources
> always-only-HTTPS? Are they having certificate problems? “HTTP only”
> seems like a good direction in which to go, but teaching people to
> accept bad cert warnings seems like a bad direction in which to go.

GreatFire.org seems to have seen the same.  At least the certificate
life time is identical:
<https://twitter.com/GreatFireChina/status/516872770270269440>

Cheers,
Philipp



More information about the liberationtech mailing list