[Juser] those pesky security warnings
stpeter at stpeter.im
Wed Mar 6 03:43:50 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
tl;dr You shouldn't see those pesky security warnings anymore.
In December of last year, I installed a new security certificate at
jabber.org. When obtaining the certificate from StartSSL, I asked for
a SHA-256 fingerprint, rather than a SHA-1 fingerprint. Theoretically,
SHA-256 is more secure, but not if your software doesn't understand
SHA-256 -- in that case, your client will show you a security warning
(and your server might refuse to connect to jabber.org). It took me a
while (I had to upgrade my status at StartSSL to Class 2, and that
verification process requires both money and time), but this evening I
finally installed a corrected certificate using a SHA-1 fingerprint.
As a result, if you've been seeing security warnings for the last 10
weeks or so, you shouldn't see them the next time you log in.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the JUser