Mailinglist Archive: opensuse-translation (161 mails)

< Previous Next >
Re: [opensuse-translation] Error when using your svn server
  • From: Alberto Passalacqua <alberto.passalacqua@xxxxxx>
  • Date: Thu, 15 May 2008 20:36:13 -0500
  • Message-id: <1210901773.5683.1.camel@xxxxxxxxxxxxxxxxxx>

Why don't you simply accept (press p) the new key? :-)

Because I want to know if that is the correct procedure!

If I accept as valid a changed certificate with no (independent)
validation, there is no security at all. I might as well be using
telnet or plain http.

Perhaps the correct thing is to add a master certificate to /etc/ssl/certs
and consider Novell as a valid CA. Or perhaps Novell should buy a
certificate. I dunno.

I dunno. So I ask. This is an enterprise level server, it is not mine, and
I don't want to do anything wrong. There is a responsibility. I prefer to
ask first and be told what to do.


But changing a certificate from under our feet, without been told, and
after much insistence, learning that I should accept for ever the
certificate after comparing the fingerprint to the fingerprint posted in a
wiki... a wiki, by definition, can be changed by anyone.

It doesn't feel right.

Maybe I'm too paranoid. Or too security conscious.


Hehe, we are not speaking of closed code, or of secrets things, but of
translations.

The worst it can happen is that you need to go back in time through SVN,
in case you make a mistake. So, don't worry, and accept the certificate.
As explained on bugzilla, it's the right choice. :-)

Regards,
Alberto

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-translation+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-translation+help@xxxxxxxxxxxx

< Previous Next >