Talk:SSL Encryption: Difference between revisions
Revision as of 11:47, 23 January 2016
The stated SSL cert fingerprints appear out of date
Notary Lookup for: anidb.net:443,2
Browser's Key = '95:ee:24:b6:c6:5d:32:74:a1:50:48:bb:73:7a:93:ea'
Results:
Quorum duration: 0.1 days
Notary Observations:

Notary: cmu.ron.lcs.mit.edu:8080
    ssl key: '95:ee:24:b6:c6:5d:32:74:a1:50:48:bb:73:7a:93:ea'
    start: 1303548229 - Sat Apr 23 2011
    end:   1303548232 - Sat Apr 23 2011

Notary: convoke.ron.lcs.mit.edu:8080
    ssl key: '39:ba:e3:5b:90:a0:c4:ff:1b:c7:32:00:67:bc:ca:aa'
    start: 1270897465 - Sat Apr 10 2010
    end:   1272922215 - Mon May 03 2010
    ssl key: '95:ee:24:b6:c6:5d:32:74:a1:50:48:bb:73:7a:93:ea'
    start: 1272922216 - Mon May 03 2010
    end:   1303542914 - Sat Apr 23 2011

Notary: mvn.ron.lcs.mit.edu:8080
    ssl key: '95:ee:24:b6:c6:5d:32:74:a1:50:48:bb:73:7a:93:ea'
    start: 1303542022 - Sat Apr 23 2011
    end:   1303542434 - Sat Apr 23 2011

Notary: hostway.ron.lcs.mit.edu:8080
    ssl key: '39:ba:e3:5b:90:a0:c4:ff:1b:c7:32:00:67:bc:ca:aa'
    start: 1270897465 - Sat Apr 10 2010
    end:   1272957971 - Tue May 04 2010
    ssl key: '95:ee:24:b6:c6:5d:32:74:a1:50:48:bb:73:7a:93:ea'
    start: 1272957972 - Tue May 04 2010
    end:   1303542973 - Sat Apr 23 2011
- The entire article should be updated in light of the December, 2015 change to Let's Encrypt certificates, including a mention of issues with certain subdomains not using those certificates and use of HSTS header / browser recall of HTTPS for all anidb subdomains. Belove (talk) 11:47, 23 January 2016 (UTC)
Security?
"All requests for images, stylesheets and other page elements are NOT encrypted. Such requests should usually not be directed towards "anidb.net" but rather towards specific subdomains [and] do not include the AniDB authentication cookies and should thus not allow attackers to hijack your AniDB session."
You guys are aware there are ways to use css to trick various browsers into executing scripts, and hence running code that hijacks sessions and bypasses https... right? Dantman 02:23, 19 November 2012 (CET)