[Operators] removal of 0nl1ne.at
stpeter at stpeter.im
Sun Aug 24 16:43:26 UTC 2014
You're right that the comment wasn't helpful - I used the same comment
for every server that scored "F".
I'll reply more later - just running out the door here.
On 8/24/14, 8:32 AM, Nikolaus Polak wrote:
> I've no problem with the removal of 0nl1ne.at from the xmpp.net index,
> the only thing I wanted to tell public to stpeter: the comment is wrong,
> "insecure server" would mean that I failed to generate a new private key
> and a new certificate.
> (Link to commit:
> As already written on this mailing list, StartSSL refused to renew my
> 0nl1ne.at certificate because of the name (I could try to fool
> online.at-Users), which I understand partly.
> I tried to switch to CaCert: but then 30% of S2S wasn't working after
> that because of their new signing method, which I also discussed on this
> mailing list, and nobody got until now a solution for that.
> Perhaps you should remove all with certs older than a few months too
> from the index (easy: at least all CaCert signed which still have
> perfectly working S2S ;)), as not renewing after heartbleed is really,
> really insecure.
> I even paid for revoking all my other certs on startssl.com, guess there
> are not much people out there who do this for a free service.
> Sorry for this "small rant", with best regards,
More information about the Operators