Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] webConfigurator do not answer IPv6 requests

    Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
    27 Posts 4 Posters 10.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kejianshi
      last edited by

      Well - The Military here and government (Serious sites for serious people, not for public use) don't submit their certs to anybody.
      Shows up red just like any self signed cert I'd make unless the people who use them install the certs in their trusted cert store.
      Thats also how I handle certs. Handed out by hand for friends I'd trust to certain things.

      But really - Certs have become a huge racket.  I'd say issuing certs is like printing money except paper does cost SOMETHING.

      1 Reply Last reply Reply Quote 0
      • K
        Klaws
        last edited by

        @kejianshi:

        But really - Certs have become a huge racket.  I'd say issuing certs is like printing money except paper does cost SOMETHING.

        You mean - you could operate a company which issues digital certificates from your parent's garage, and become a multi-millionaire? Amazing.

        http://en.wikipedia.org/wiki/Mark_Shuttleworth

        Of course, this is impossible to repeat nowadays. Shuttlework (Thawte) and Verisign were lucky enough to have their root certificates public key installed in the first Netscape browser. The rest is history.

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          @Klaws:

          You mean - you could operate a company which issues digital certificates from your parent's garage, and become a multi-millionaire? Amazing.

          Been tried and failed… Clearly, these days you need to pay $$$$$$$ to the right browser guys first, like CNNIC. ::)

          1 Reply Last reply Reply Quote 0
          • K
            Klaws
            last edited by

            Yep…too bad that Honest Achmed failed...now I have to buy my google.com certificates from TÜRKTRUST....

            1 Reply Last reply Reply Quote 0
            • K
              kejianshi
              last edited by

              I suppose it would be possible to start a open-authority (call it whatever you like) the same way OpenNIC runs alternate DNS.  You would have to set up an entirely new chain of authority, some servers, establish some system of trust and basically give away certs and rely on donations or something to keep things running.  Then you would need to get it into a major browser that isn't in CNNIC or whoever's pocket.  OR - People could just stop being stupid and ignore the idiot graffiti that pops up when someone uses a self signed cert.  Either way would work.

              Did I mention the word racket earlier?  Yeah…  Its a racket.

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned
                last edited by

                FYI, fixed in FF 24+

                https://bugzilla.mozilla.org/show_bug.cgi?id=633001#c96

                1 Reply Last reply Reply Quote 0
                • K
                  kejianshi
                  last edited by

                  Ahhhh-  Good.  Getting ready for IPV9 are they?

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.