Yeah it's largely theoretical. I'm trying to make software that will work decades from now. But also just a few remnant https suspicions.
-
-
Replying to @sortiecat @RichFelker
As I switch to https, it becomes up to CAs whether people can connect, and current TLS clients can't connect to TLS servers decades from.
2 replies 0 retweets 0 likes -
Replying to @sortiecat @RichFelker
I get my https cert for free on my webhost, and I might switch, so a bit afraid to HSTS preload. Maybe they start charging at some point.
1 reply 0 retweets 0 likes -
Replying to @sortiecat @RichFelker
I look forward to switching to some infrastructure I control a bit more myself. So yeah, maybe there's no problem here.
1 reply 0 retweets 0 likes -
Replying to @sortiecat
I would just switch to vps +
@letsencrypt. It's going to be at most a couple $ more than your current webhost (probably less), & certainly..1 reply 1 retweet 0 likes -
Replying to @RichFelker @sortiecat
...you're going to have a lot more control over stuff being done right.
1 reply 0 retweets 0 likes -
Replying to @RichFelker
Absolutely
@letsencrypt seems like the way of the future. I'd love to have a port of it to#sortix and use it with my httpd port.2 replies 1 retweet 0 likes -
Replying to @sortiecat @letsencrypt
If you have Python building/running there are already a couple good minimal/auditable acme client implementations you can use.
1 reply 1 retweet 2 likes -
Replying to @RichFelker @letsencrypt
Yeah I got a Python 3 largely working, I was planning on checking out a reasonably sized lets encrypt implementation and port if good.
1 reply 0 retweets 0 likes -
Replying to @sortiecat
If it's python, no porting is needed. AFAIK there are no "reasonably sized" C implementations. Too much protocol infrastructure mess.
3 replies 0 retweets 0 likes
I use acme-tiny:https://github.com/diafygi/acme-tiny/ …
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.