Reply
Thread Tools
woody14619's Avatar
Posts: 1,455 | Thanked: 3,309 times | Joined on Dec 2009 @ Rochester, NY
#161
The limitations are both legal and for usage. Both sites clearly state these are for use by an individual for their own personal usage. Non-persons (like incorporated NFP) are not entitiled to get/use the free versions.

Even if we did get one, it would be for one site. Currently there are at least three separate site SSLs (bugs, garage, and another I can't recall). Wild-card certificates are different than single-site certificates, and just about every certificate authority will charge for those, even for individual use.

In the end, it will boil down to how urgent the need is vs the cost. Again, the cost of keeping a server up will dwarf the cost of getting an SSL certificate. (Servers cost more than 5 cents a day to keep running, in general.) But that's something to be decided later. If/when the Board gets the domain, servers, and/or enough funding to make any of the rest of this happen.
__________________
Maemo Council Member: May 2012 - November 2012
Hildon Foundation founding member.
Hildon Foundation Board of Directors: March 2013 - Jan 15, 2014
 

The Following User Says Thank You to woody14619 For This Useful Post:
Posts: 2,802 | Thanked: 4,491 times | Joined on Nov 2007
#162
Originally Posted by woody14619 View Post
The limitations are both legal and for usage. Both sites clearly state these are for use by an individual for their own personal usage. Non-persons (like incorporated NFP) are not entitiled to get/use the free versions.
Actually, CAcert are fine with organisations and don't have a paid version even if you wanted one. The catch is that their root cert is not pre-installed too widely yet (although Maemo used to ship with it).

Even if we did get one, it would be for one site. Currently there are at least three separate site SSLs (bugs, garage, and another I can't recall).
Wiki & lists at least, possibly others.

Wild-card certificates are different than single-site certificates
They are one option, others include subjectAltName, SNI, and of course one cert per hostname as is the current situation.

In the end, it will boil down to how urgent the need is vs the cost.
IMO TLS is not optional, but as I said any verifiable cert is fine by me, even if it's a self-signed one with a PGP-signed post of the fingerprints to the mailing list.
 

The Following 6 Users Say Thank You to lma For This Useful Post:
Reply

Tags
goodbye nokia, responsibility

Thread Tools

 
Forum Jump


All times are GMT. The time now is 08:48.