<html><head><style type='text/css'>body { font-family: Arial; font-size: 10pt; }p { margin: 0; }</style></head><body><div>Thanks so much, to everyone who's working on this! <span style="font-size: 10pt;">As someone who's spent a fair chunk of the last decade teaching people not to blindly click past warnings, this is important to me. </span></div><div><br></div><div>It's one thing for an internal nerds-only site to use a self-signed cert, because I assume everyone in a typical gaggle of admin-types understands what the scary warning dialogs mean, and when and why it's okay to click past them. <span style="font-size: 10pt;">But insofaras our group (i3detroit, but I assume I speak for others) prides itself on outreach and bridging the gaps between various DIY pursuits, computerized and otherwise, we have to recognize that not everyone will have expert-level skills in this specific area. (I do think it's right and proper to expect/require a base level of competence, but diving into "advanced" options is perhaps beyond that.)</span></div><div><span style="font-size: 10pt;"><br></span></div><div>In recent years, numerous other list-of-collaborative-workspaces sites have sprung up, asking us to create and maintain a presence within their surely-better-in-some-vague-way databases. I've scoffed at these efforts, both because scattered resources are less useful, and because The Big List is more inclusive, preserves edit history, allows a lot of free-form editing, and happens to live on the same site as a whole wealth of other hackerspace-related info. Sending people there encourages them to discover the rest of the resource. But if pointing people to our entry on The Big List requires them to click through scary warning dialogs, it's a reason to consider listing ourselves other places. I think that's harmful in the long term, so fixing the certificate issue ASAP is important.</div><div><br></div><div>-Nate B-</div><br>Mark Steward wrote:<br><blockquote style="margin-left: 8px; padding-left: 8px; border-left: 1px solid lightgrey">
<div dir="ltr">We're 90% of the way to getting a cert issued. Hopefully should be sorted in the next week or so.<div><br></div><div>Please bear with us.</div><div><br></div><div><br></div><div>Mark</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, May 12, 2015 at 3:06 PM, dosman <span dir="ltr"><<a href="mailto:dosman@packetsniffers.org">dosman@packetsniffers.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div>Not to fan the flames, but how many people actually take the time to verify the trust chain of certs that grew up on the right side of the tracks? Do you know where your cert has been spending time after school? The bad thing about the systems hate for self signed certs is that constantly having to click through alarm dialogs for them on your sites will easily cause you to miss a real cert problem.</div><div><br></div><div>But I digress, there are free CA’s now, probably best to use one of those.</div><div><div class="h5"><div><br></div><br><div><blockquote type="cite"><div>On May 12, 2015, at 9:36 AM, Morgan Gangwere <<a href="mailto:morgan.gangwere@gmail.com">morgan.gangwere@gmail.com</a>> wrote:</div><br><div><p dir="ltr">Matt, your libertarianism is showing ;^) CS's are bad mmkay etc etc. </p><p dir="ltr">Firefox also complained for me, as did Midori. It's very hard to verify a selfsig cert if you aren't the one running it.</p><p dir="ltr">Perhaps we (and by we I mean someone with admin tools access) should look into a cert from the CACert folks. It even fits Matt's "CAs are broken" mentality, because they know and want to subvert at least some.</p>
<div class="gmail_quote">On May 12, 2015 7:29 AM, "matt" <<a href="mailto:matt@nycresistor.com">matt@nycresistor.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Not that a valid one is more secure or anything. Google is basing their actions on a demonstrably false premise.<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, May 12, 2015 at 9:23 AM, Arthur Guy <span dir="ltr"><<a href="mailto:arthur@arthurguy.co.uk">arthur@arthurguy.co.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">The issue is the wiki is using a self signed certificate, until this is switched out for a valid one it will throw those errors.<div><div><div class="gmail_extra"><div><div><div dir="ltr"><br></div></div></div>
<br><div class="gmail_quote">On 12 May 2015 at 14:20, matt <span dir="ltr"><<a href="mailto:matt@nycresistor.com">matt@nycresistor.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I think google is probably on the wrong end of this one. So. I'd submit a bug report with google.<br></div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, May 12, 2015 at 9:08 AM, Shirley Hicks <span dir="ltr"><<a href="mailto:shirley@velochicdesign.com">shirley@velochicdesign.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hey all,<br>
<br>
Just went to check some things on the wiki and am having trouble getting to it from Google Chrome, with Google now having a built in preference for https sites.<br>
<br>
Anyone know what the http: vs. https status is for the <a href="http://hackerspaces.org/" target="_blank">hackerspaces.org</a> site and what the plans are for maintenance?<br>
<br>
Thanks,<br>
<br>
Shirley Hicks<br>
Red Mountain Makers<br>
_______________________________________________<br>
Discuss mailing list<br>
<a href="mailto:Discuss@lists.hackerspaces.org">Discuss@lists.hackerspaces.org</a><br>
<a href="http://lists.hackerspaces.org/mailman/listinfo/discuss" target="_blank">http://lists.hackerspaces.org/mailman/listinfo/discuss</a><br>
</blockquote></div><br></div>
</div></div><br>_______________________________________________<br>
Discuss mailing list<br>
<a href="mailto:Discuss@lists.hackerspaces.org">Discuss@lists.hackerspaces.org</a><br>
<a href="http://lists.hackerspaces.org/mailman/listinfo/discuss" target="_blank">http://lists.hackerspaces.org/mailman/listinfo/discuss</a><br>
<br></blockquote></div><br></div></div></div></div>
<br>_______________________________________________<br>
Discuss mailing list<br>
<a href="mailto:Discuss@lists.hackerspaces.org">Discuss@lists.hackerspaces.org</a><br>
<a href="http://lists.hackerspaces.org/mailman/listinfo/discuss" target="_blank">http://lists.hackerspaces.org/mailman/listinfo/discuss</a><br>
<br></blockquote></div><br></div>
<br>_______________________________________________<br>
Discuss mailing list<br>
<a href="mailto:Discuss@lists.hackerspaces.org">Discuss@lists.hackerspaces.org</a><br>
<a href="http://lists.hackerspaces.org/mailman/listinfo/discuss" target="_blank">http://lists.hackerspaces.org/mailman/listinfo/discuss</a><br>
<br></blockquote></div>
_______________________________________________<br>Discuss mailing list<br><a href="mailto:Discuss@lists.hackerspaces.org">Discuss@lists.hackerspaces.org</a><br><a href="http://lists.hackerspaces.org/mailman/listinfo/discuss" target="_blank">http://lists.hackerspaces.org/mailman/listinfo/discuss</a><br></div></blockquote></div><br></div></div></div><br>_______________________________________________<br>
Discuss mailing list<br>
<a href="mailto:Discuss@lists.hackerspaces.org">Discuss@lists.hackerspaces.org</a><br>
<a href="http://lists.hackerspaces.org/mailman/listinfo/discuss" target="_blank">http://lists.hackerspaces.org/mailman/listinfo/discuss</a><br>
<br></blockquote></div><br></div>
</blockquote>
</body></html>