Re: SweetAda 0.1g released

[Gabriele Galeotti <gabriele.galeotti.xyz@gmail.com>]

On Tuesday, November 17, 2020 at 2:50:05 PM UTC+1, Mart van de Wege wrote:
> Since we have the key fingerprints, and the certificate is the same, 
> both connection are equally secure. 
> 
> Don't let yourself be frightened by the security theatre around 
> certificates. The *only* thing they prove is that a private key that 
> belongs to the name in the public key that was certified by a CA 
> (Letsencrypt in this case) is on the server you're connecting to. That's 
> all. There is nothing more the SSL/TLS protocols can prove. 
> 
> So the server answering to sweetada.org has access to the same key as 
> the server answering to www.sweetada.org. And we know it's the same 
> server. Since Letsencrypt certified that the key belonging to the 
> www.sweetada.org certificate should be the one presented, and it is, 
> that means both servers are equally 'secure'. 
> 
> Note that I said nothing about whether or not it is a malicious server 
> or not; that's not something SSL/TLS can answer. 
> 
> So don't worry. We know about it, and letsencrypt should normally let 
> you fix this easily.
> Mart 
> 
> -- 
> "We will need a longer wall when the revolution comes." 
> --- AJS, quoting an uncertain source.

Thanks a lot Mart.
Anyway,  to have a flag of a site not secure from the browser is aesthetically unpleasant,
I'll try to slowly fix it in the future, no problem.
Best regards
G