I'm just saying it's a relatively new thing to think of SSL as something that users expect of any website. A few years ago, most people never saw an untrusted certificate warning. Now they see them (and they're worded way too strongly, in my opinion) and it's like the end of the world, when just a few years ago, we never had this kind of security. We depended on our local security, rather than the website we visit.
When all websites across the internet provide SSL security, then I think we better make sure we do too. Until then, we do our best. But I don't think we need to panic, or take any kind of excessive measures. I mean, that was your original question, wasn't it, whether we need to do more? Or whether we need to worry?
I don't think we need to do either. The certificate had a problem, not the website. (Thus my concern about how the warning is worded. It leads you to think the website has a problem, when it didn't.)
At least with my own website, I haven't seen any way to be notified in advance when a problem is about to happen with a certificate. I suppose our sysadmin could look into that? But as far as I know, the sysadmin learns about it when everyone else does. Other than be notified before the certificate has a problem I don't know any non-excessive way to protect against this problem.
All best, brynn
-----Original Message----- From: C R Sent: Thursday, May 09, 2019 2:17 PM To: brynn Cc: Inkscape User Community ; Ryan Gorley ; inkscape-devel Subject: Re: [Inkscape-user] [Inkscape-devel] Vectors Meeting - Tomorrow - Possible Postponement
If there's no login, there's no problem. Anywhere I'm entering in username and passwords, and storing stuff on a server, you better believe it should have encryption. But whether or not you think we need it, we are an official project who cares about the security of our users. We depend on mutual trust, and it looks very bad when browsers reject our invalid credentials (and rightly so).
Obviously, we want our users to trust us, and having official websites and chat services fail basic security checks destroys that confidence and trust.
So yea, big deal from my perspective. :)
-C
On Thu, May 9, 2019 at 4:43 PM brynn <brynn@...3089...> wrote: What about websites which have no certificate at all? You just don't use them? Those websites will never have warnings about the certificate, because they don't have one. It doesn't necessarily mean that they aren't safe sites. InkscapeForum.com is one of those, fyi.
Of course we can agree to disagree :-)
All best brynn
-----Original Message----- From: C R Sent: Thursday, May 09, 2019 7:42 AM To: Brynn Cc: Inkscape User Community ; Ryan Gorley ; inkscape-devel Subject: Re: [Inkscape-user] [Inkscape-devel] Vectors Meeting - Tomorrow - Possible Postponement
No, I didn't. But I think it's important for visitors to our site to be able to trust the chat (especially one you have to sign up for and log into). I disagree that it's not a big deal.
-C
On Thu, 9 May 2019, 13:25 brynn, <brynn@...3089...> wrote: Wow! I wonder if that could be some security setting in Chrome? I'd have to look it up to be sure, but I think it's an option in Firefox, to not load a page with an untrusted certificate. There are just so many untrusted certificates, on entirely trustworthy sites, I disabled it. I still get the warning, but the page isn't completely blocked.
Did you set a temporary exception? At least in Firefox, I got the option to set either a temporary or permanent exception, and that fixed the chat.
Or otherwise, perhaps Chrome should be notified. To my limited understanding, that doesn't seem reasonable to block the page and not give a choice.
brynn
-----Original Message----- From: C R Sent: Wednesday, May 08, 2019 1:57 PM To: Inkscape User Community Cc: Brynn ; Ryan Gorley ; inkscape-devel Subject: Re: [Inkscape-user] [Inkscape-devel] Vectors Meeting - Tomorrow - Possible Postponement
It actually broke the chat entirely in Chrome, even clicking past the warning, it still would not connect. Fyi
-C
On Tue, 7 May 2019, 23:32 Ryan Gorley via Inkscape-user, inkscape-user@lists.sourceforge.net wrote:
Understood. Had to make a call with imperfect information. Sorry for the inconvenience. I hope we can pick up the forum stuff at the meeting in a couple days.
Ryan
On 5/7/19 4:29 PM, brynn wrote: I'll have to be honest. This is just my opinion.
I don't consider an expired certificate, or whatever problem it was with the certificate, to be any kind of serious problem. I trust that the website is safe, and no serious threat will show up via untrusted certificate warning.
In my opinion, the untrusted certificate warnings are built on maximum paranoia. They truly do sound dire. But unless you are making some monetary transaction, or sharing files or info that should remain secure, they really can be ignored. Again, my opinion.
All best, brynn
-----Original Message----- From: C R Sent: Monday, May 06, 2019 8:32 AM To: Manuel Jesús Recena Soto Cc: inkscape-devel ; Inkscape User Community Subject: Re: [Inkscape-user] [Inkscape-devel] Vectors Meeting - Tomorrow - Possible Postponement
We are heavily using this chat across all parts of the project at the moment. Do we need to worry about stability? Thanks for any advice.
-C
On Sun, 5 May 2019, 20:04 Manuel Jesús Recena Soto, mailto:recena@...155... wrote:
Hello Ryan,
If you believe this chat service is critical, I suggest you to schedule a meeting with infrastructure team in order to find a better solution.
Regards,
On Sat, May 4, 2019 at 2:02 AM Ryan Gorley via Inkscape-devel mailto:inkscape-devel@lists.sourceforge.net wrote:
Hello All, Due to the certificate error on chat.inkscape.org, some individuals may be scared away from participating in our meeting tomorrow. I'm going to keep an eye on it, but if the error isn't resolved in the next couple hours I'm going to suggest we postpone our meeting one week. I'll update everyone on the status a little later.
- Ryan
_______________________________________________ Inkscape-devel mailing list Inkscape-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/inkscape-devel
_______________________________________________ Inkscape-user mailing list Inkscape-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/inkscape-user