/what/ -...

me laughing at sockmin for using a self signed cert and not redirecting 80 to 443

Marisa saying "へー…マジー?

>>23116
I'd redirect to 443 if modern browsers didn't give scary warnings over self-signed certs.

ｷﾀ━━━(ﾟ∀ﾟ)━━━!!

>>23119
I can set my self-signed certificate to expire whenever I want.

So I chose 2 decades in the future, happened to be 2037 at the time.

Also you can see it's using TLS 1.3

Completely standard and functional encryption, the point of HTTPS still fully works, no one can see anything you send or receive between /what/ and your computer, except /what/'s server and you.

>>23120
thanks watmin
based web nerd

also
tidus hungers for desktops

>>23119
my number is a bit different to yours….

whatmin doesn't really know what a MITM attack is yet, so he doesn't really understand what risks there are with self-signed certificates.

However, most of this risk could be mitigated if he, for example, put the fingerprint of the certificate up in the header somewhere or something. It doesn't have to be complicated. That way, if you're paranoid, you can view the cert's fingerprint and compare it to the one that whatmin has published.


<> but how do you know that whatmin published the fingerprint?? what if someone hackered in the middle and use a different cert and then also hackered /what/ and changed the fingerprint that's displayed???

you just hab tobleave

>>23126
He's so dumb it's probably easy to hack him

>>23126
or just use lets encrypt…

>>23126
/what/min fix this shit before an attacker steals my /what/ credentials!!