discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] Https login

From: Coyo <coyo AT darkdna.net>
To: discuss AT lists.opennicproject.org
Subject: Re: [opennic-discuss] Https login
Date: Thu, 28 Nov 2013 15:20:04 -0600

Hmm.

We need an alternative server-to-server authentication system to the CAs. The CA system is proven to be broken. Don't believe me? Call +1 415 436 9333 to contact the Electronic Frontier Foundation. Ask about Certificate Authority abuses such as forged signatures by Verisign and GoDaddy, and how ICE domain seizure is possible.

Although Comodo is relatively trustworthy (compared to Verisign), all Certificate Authorities are high-value targets for litigation or even private property raids and seizures. What a bunch of jackbooted Nazis.

I'd say use PGP, but that cryptosystem is not intended for server-to-server communications, and relies on manual involvement.

Isn't there a system proposed somewhere that let you place PGP certs in a DNS record? Wasn't there an RFC somewhere that proposed PGP-TLS extensions? I vaguely recall somewhere that there were some DNS records intended for the ability to use DANE to provide all authentication, without a single x.509 certificate anywhere. I'm pretty sure there was a proposed DNS record type to provide a PGP-signed x.509 certificate via DANE, but the reason I don't remember any of this is because the standardization organizations are 100% shills of corporations and governments.

As you may have gathered from previous commentary, I'm not a big fan of corporations and governments. I'm an anarchist, and I always will be.

On 11/28/2013 09:21 AM, wimmeit wrote:

For exaple:
http://reg.for.free/login/

El 28/11/13 12:34, Matthew George escribió:

can you at least give a url
On Fri, Nov 29, 2013 at 1:32 AM, wimmeit <matias.davila AT wimmeit.com> wrote:
When you loged in your domains login page (opennic domains) you connect via http, but http is insecure for a login, this is I talking about

El 28/11/13 12:29, Jon Hebb escribió:
Any context to what you are talking about?

On Nov 28, 2013 9:27 AM, "wimmeit" <matias.davila AT wimmeit.com> wrote:
the security is bad in the domain's administration page, the login is in
plane http, this is not good secure, my idea HTTPS.

--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org
--------
You are a member of the OpenNIC Discuss list. 
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org

--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org

--------
You are a member of the OpenNIC Discuss list. 
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org


--------
You are a member of the OpenNIC Discuss list. 
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org

[opennic-discuss] Https login, wimmeit, 11/28/2013
- Re: [opennic-discuss] Https login, Jon Hebb, 11/28/2013
  - Re: [opennic-discuss] Https login, wimmeit, 11/28/2013
    - Re: [opennic-discuss] Https login, Jon Hebb, 11/28/2013
    - Re: [opennic-discuss] Https login, Matthew George, 11/28/2013
      - Re: [opennic-discuss] Https login, wimmeit, 11/28/2013
        
        Re: [opennic-discuss] Https login, Jon Hebb, 11/28/2013
        
        Re: [opennic-discuss] Https login, Coyo, 11/28/2013
        
        Re: [opennic-discuss] Https login, Trevor Nelson, 11/28/2013
        
        Re: [opennic-discuss] Https login, Coyo, 11/28/2013
        Re: [opennic-discuss] Https login, Trevor Nelson, 11/30/2013