The IRC daemon might have trusted TLS (I haven't checked), but their website definitely doesn't. So any addresses listed on that website are not trustworthy.phelix wrote:biolizard89 wrote:Their website isn't using a trusted TLS cert, so there's no way to know if the IRC server info on that website is authentic.phelix wrote:What about http://www.darkscience.net/ ?
It is somewhat scary that it is so difficult to find a good communication channel.SSL
Our server’s only accept SSL connections, you MUST enable SSL to connect. Our server’s certificates are signed by CAcert. You can find the root certificate at CAcert, these certificates are usually included with a ca-certificates package
Tor
You can connect to Dark Science using our tor hidden service with the address darksci3bfoka7tw.onion . Alternatively the DNS record tor.irc.darkscience.net will resolve to a tor hidden service.
Method of communication for meetings
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
Re: Method of communication for meetings
Re: Method of communication for meetings
My personal opinion is that CAcert is "good", even though it is not trusted by most browsers by default. For someone who cares about security, it should be relatively easy to import the CAcert root (I've done so) and be sure they got the correct one. Debian shipped the cert trusted by default for some time, but stopped doing so lately. The certificate can still be installed from their package repository, I think.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
Re: Method of communication for meetings
The website in question has a TLS certificate that doesn't even have the website's domain name in its CN/SAN. The CA it uses is of secondary concern.domob wrote:My personal opinion is that CAcert is "good", even though it is not trusted by most browsers by default. For someone who cares about security, it should be relatively easy to import the CAcert root (I've done so) and be sure they got the correct one. Debian shipped the cert trusted by default for some time, but stopped doing so lately. The certificate can still be installed from their package repository, I think.
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
Re: Method of communication for meetings
Among probably other things, an impostor IRC server could impersonate users.phelix wrote:Why is it important to know who operates the IRC server? All communication is public anyway.
Re: Method of communication for meetings
lol, I had expected identification would be between users.biolizard89 wrote:Among probably other things, an impostor IRC server could impersonate users.phelix wrote:Why is it important to know who operates the IRC server? All communication is public anyway.