Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment: Re:Mozilla's made mistakes, but people exaggerate (Score 1) 230

by kthreadd (#49606465) Attached to: Chrome Passes 25% Market Share, IE and Firefox Slip
There are free software implementations of those but that's not really the point. Claiming the Chrome is free software is simply incorrect even though it is based on free software. If people used Chromium that would be fine but the problem is that they don't. The only reason why some people use Chromium is because some GNU/Linux distributions package it for them. The vast majority of Chrome users don't even know that Chromium exists. If Google really cared about free software they should remove the non-free bits and make it just free software.

Comment: Re:Excellent. (Score 1) 317

by kthreadd (#49594891) Attached to: Mozilla Begins To Move Towards HTTPS-Only Web

How many hosting providers can you name that will install arbitrary certificates and run HTTPS for you without additional charges? GoDaddy? (No) FatCow? (No) SiteGround? (No) HostGator? (No) BlueHost? (No) DreamHost? (No)

They will generally offer self-signed HTTPS for a backend interface (e.g. one without your domain name in it). All of them want you to pay a fee for the service of offering HTTPS on your own virtual domain (regardless of who signs your certificate).

I'm sure they will change their business model.

Comment: Re:Excellent. (Score 2) 317

by kthreadd (#49594877) Attached to: Mozilla Begins To Move Towards HTTPS-Only Web

Not the same thing, wildcard helps in cases where multiple subdomains are being served by one server with only a single ip address. Since Let's Encrypt is currenly discussing wildcards, and its not looking good for them to actually support them, this would require servers to have an ip address per domain. If a server has more than 2 domains it is server, its COMPLETELY unreasonable.

It's not necessary to have an IP address per cert anymore since every browser has support for SNI nowadays.

Comment: Re:Wait a minute... (Score 2) 317

by kthreadd (#49593557) Attached to: Mozilla Begins To Move Towards HTTPS-Only Web

If my website just serves up public data that I don't care about the government seeing, you're going to disable new features on it anyway? Seems a bit extreme.

TLS can actually be used without encryption, the data is transfered in clear but you still get the authentication; which is actually something you want even if the data itself isn't secret.

No directory.