Join us on Discord!
You can help CodeWalrus stay online by donating here.

Forced https? ???

Started by Dream of Omnimaga, July 24, 2015, 08:33:25 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

novenary

Because they are verified by a Certificate Authority, and it's the only way the certificates are going to be trusted blindly by a browser. Otherwise you get the warning message that's extremely discouraging for most users.

Snektron

$30 or more per year seems like an awful lot of money just to put something in a database...
  • Calculators owned: TI-84+
Legends say if you spam more than DJ Omnimaga, you will become a walrus...


novenary

With the higher trust levels which are more expensive, you also have to meet members of the CA to confirm your identity and stuff. Even when I registered for free certs at StartSSL (for another project), I had to answer a phone call to confirm that the phone number I gave was mine. That's why they make you pay apparently.

Snektron

Oh yeah, now i rememeber why i didn't get a certificate there :P
  • Calculators owned: TI-84+
Legends say if you spam more than DJ Omnimaga, you will become a walrus...


Lionel Debroux

There are two parts in secure transmissions: encryption (with PFS ciphers, of course - non-PFS ciphers are much easier to bypass, and must therefore not be used), and identity (checking, with some reasonable certainty, that the peer is what it pretends to be). Fundamentally, one can't create trust with cryptography, so CAs attempt to take care of the latter.
Currently, users don't have a choice, they need to go through the monopoly of the CA cartel, which imposes outrageous price tags (though Startcom sets apart from the crowd, by being cheap and relatively unintrusive) to users, while committing various occurrences of insecurity (DigiNotar and crew) or crimes (signing fake, trusted certificates for Google, as Symantec was most recently caught doing, triggering strong pushback by Google). Let's Encrypt will break that monopoly, at long last.
Member of the TI-Chess Team.
Co-maintainer of GCC4TI (GCC4TI online documentation), TIEmu and TILP.
Co-admin of TI-Planet.

novenary

That's basically it. The same thing happened with mobile phone carriers in France and in Israel, in both countries a new carrier jumped into the business, smashing the prices of the market, which caused the insane monopoly to end, and mobile data is now affordable (I pay 37 shekel/month, less than 10€, for 2h calls, unlimited SMS/MMS and 6GB mobile data including LTE).

Dream of Omnimaga

#51
I guess something that could be done is move img.codewalr.us to codewalr.us/imgupload or something and preserve old links so they forward to the new https URL.

And yeah money is always the issue >.<
Quote from: Streetwalrus on November 01, 2015, 10:45:43 AM
That's basically it. The same thing happened with mobile phone carriers in France and in Israel, in both countries a new carrier jumped into the business, smashing the prices of the market, which caused the insane monopoly to end, and mobile data is now affordable (I pay 37 shekel/month, less than 10€, for 2h calls, unlimited SMS/MMS and 6GB mobile data including LTE).
In Canada, many new phone companies did that as well, but only recently. THe same thing happened with Internet, with resellers popping up everywhere. But the problem is that Bell company is trying to take them down via some anti-competitive tactics and stuff like that, and if others close down then Bell could raise their prices as high as they want. There is a petition going around about it https://act.openmedia.org/emergency?utm_campaign=7012&tdid=127
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

Powered by EzPortal