Mailinglist Archive: opensuse-translation (161 mails)

< Previous Next >
Re: [opensuse-translation] Error when using your svn server
  • From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
  • Date: Fri, 16 May 2008 01:01:33 +0200 (CEST)
  • Message-id: <alpine.LSU.1.00.0805160042440.6038@xxxxxxxxxxxxxxxx>
Hash: SHA1

The Thursday 2008-05-15 at 15:17 -0500, Alberto Passalacqua wrote:

Why don't you simply accept (press p) the new key? :-)

Because I want to know if that is the correct procedure!

If I accept as valid a changed certificate with no (independent)
validation, there is no security at all. I might as well be using
telnet or plain http.

Perhaps the correct thing is to add a master certificate to /etc/ssl/certs and consider Novell as a valid CA. Or perhaps Novell should buy a certificate. I dunno.

I dunno. So I ask. This is an enterprise level server, it is not mine, and I don't want to do anything wrong. There is a responsibility. I prefer to ask first and be told what to do.

But changing a certificate from under our feet, without been told, and after much insistence, learning that I should accept for ever the certificate after comparing the fingerprint to the fingerprint posted in a wiki... a wiki, by definition, can be changed by anyone.

It doesn't feel right.

Maybe I'm too paranoid. Or too security conscious.

- -- Cheers,
Carlos E. R.
Version: GnuPG v2.0.4-svn0 (GNU/Linux)

To unsubscribe, e-mail: opensuse-translation+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-translation+help@xxxxxxxxxxxx

< Previous Next >