On Wed, Jan 21, 2009 at 9:45 AM, Ward Vandewege via RT <sysad...@gnu.org> wrote: >> [jyass...@gmail.com - Wed Jan 21 12:18:21 2009]: >> >> I just wanted to let you know that going to https://savannah.gnu.org/ >> fails in both Firefox 3.0.5 and Safari 3.2.1 saying that the issuer >> certificate is unknown. You should fix this to prevent >> man-in-the-middle attacks. > > We know, that was a decision made by the Savannah hackers. The > certificate is issued by cacert.org. You can talk to > savannah-hackers@gnu.org about this.
I'm sure I'm not the first person to run into this. Have you made any progress in getting the cacert root certificate into major browsers? If not, could you put a link to an explanation of the SSL warning next to the login link and any other link into an SSLed page? For that matter, do you have a description of why you've chosen to confuse your visitors? http://savannah.gnu.org/tls/ doesn't explain the decision. Thanks, Jeffrey
