[Cryptech Tech] The cert for cryptech.is

Leif Johansson leifj at sunet.se
Sat Mar 29 08:56:28 UTC 2014 

You have several good points. I think we need to take these outside reactions seriously!

> 29 mar 2014 kl. 08:58 skrev "Joachim Strömbergson" <joachim at secworks.se>:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Aloha!
> 
> Leif Johansson wrote:
>> its actually not self-signed but published as a TLSA-record.. right?
> 
> It is not issued by a CA in the users trust stores. And on the
> cryptech.is page we even state:
> 
> "Some functions on this site require HTTPS. You may see warnings about
> an untrusted certificate. There's nothing wrong, this just means that
> your web browser doesn't know about the Certification Authority that we use.
> 
> Here's where to find a ​PGP-signed version of the HACTRN CA certificate,
> which issued the TLS server certificate used on this site.
> 
> There's no particular reason why you should trust the Certification
> Authorities whose CA certificates came with your web browser either, but
> of course almost everybody does. Food for thought."
> 
> - -- 
> Med vänlig hälsning, Yours
> 
> Joachim Strömbergson - Alltid i harmonisk svängning.
> ========================================================================
> Joachim Strömbergson          Secworks AB          joachim at secworks.se
> ========================================================================
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> 
> iQIcBAEBCAAGBQJTNn0JAAoJEF3cfFQkIuyNUW0QALmFJiBv3lN1vnE3GSAmOrYu
> DYe34RJEb1ajR9vx2npWwRQA+owUMMAwraUa11Z/gKZxySw2dMAdKEcic4SJI+Lo
> 3fCwnfw6O/gUR4Yn4DKHlMJPoVSyfZvukyTgNAoMopkP96L3JBiQ4RLqr28QkN/U
> 3lTxcTU0M2k7c1Lg0+BCLwH3uV35fLXO528icqshjLEEoSMPj6h3jGqkeFpKA28P
> bCOYhrrbS+dS54X2ruqH/5s3q/iBx2zwH7oIeJdOfVsnLWOuL9nCSoeTnZdzclFk
> p/PZ78FIQ0wmn0surGzpaa0yapJ1wJJ45OgwdkxKGPIpgGdx+gGycudHuTjIDZ8R
> WPaKszNfCG1kEG+wfFtu6IWzoRAZHiNyEeXDj4k4inMbFmKWUv7oQwQIv40GPnpU
> RCE4DYdoNiZ/VGv9wjUA0QoFxfGUkka1lM/EYLRFpOt08OL76kSYpz0j5dW3cNTJ
> hJcbM7EhPjz2GL4DV5qFV0OV1mcnNYH++XJCnXq4Tht4kcWhYM/kxZBayWm+OJJ8
> rnrqqOmTIZ/MkVVpQGdRAmgFn85QNhhCOOgL++ZRGeG3OL8K1RVvB53HO5nv/zbf
> SM1b9voIJkhvQg2lud8ZNjr0XHu2SL1OXzt7zz2f1qLSmrBVR/UDjOrvUc2HJXId
> NIBgEi7GiQzgaOzbCO+W
> =3rg+
> -----END PGP SIGNATURE-----

More information about the Tech mailing list