So, it looks like http://cacerts.org certs are useless. Is there currently any source of useful free certs?
@timbray @dstufft @steveklabnik X.509 is pretty goddamn broken, which really diminishes their value. Needs more name constraints
-
-
@bascule Value of removing plain-text is still hugely positive. Worried about the perfect being the enemy of the good. -
@timbray if that's your goal, it's better done via STARTTLS or TCPINC-style opportunistic encryption -
@bascule Not sure about “better”, but those are really good ideas that deserve wider adoption.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.