[Operators] removal of 0nl1ne.at

Nikolaus Polak mail at nikolauspolak.info
Sun Aug 24 14:32:55 UTC 2014


Hello,

I've no problem with the removal of 0nl1ne.at from the xmpp.net index,  
the only thing I wanted to tell public to stpeter: the comment is  
wrong, "insecure server" would mean that I failed to generate a new  
private key and a new certificate.
(Link to commit:  
https://github.com/stpeter/xmppdotnet/commit/3536374e66864f0a366775388455d6d374005af6  
)

As already written on this mailing list, StartSSL refused to renew my  
0nl1ne.at certificate because of the name (I could try to fool  
online.at-Users), which I understand partly.

I tried to switch to CaCert: but then 30% of S2S wasn't working after  
that because of their new signing method, which I also discussed on  
this mailing list, and nobody got until now a solution for that.

Perhaps you should remove all with certs older than a few months too  
from the index (easy: at least all CaCert signed which still have  
perfectly working S2S ;)), as not renewing after heartbleed is really,  
really insecure.
I even paid for revoking all my other certs on startssl.com, guess  
there are not much people out there who do this for a free service.

Sorry for this "small rant", with best regards,
Nik
-- 
Mit freundlichen Grüßen / with best regards,
Nikolaus Polak - http://nikolauspolak.info



More information about the Operators mailing list