Bitcoin Forum
May 26, 2018, 03:25:47 AM *
News: Latest stable version of Bitcoin Core: 0.16.0  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Incorrect Firefox Warning for Bitcoin website  (Read 5522 times)
I-am-not-anonymous
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile
February 15, 2010, 04:24:16 AM
 #1

I hate to be the bearer of annoying news, but:

http://farm3.static.flickr.com/2715/4357986935_a3a337fd96_o.jpg

http://farm3.static.flickr.com/2753/4357986949_21230f426e_o.jpg

Certificate details from firefox: http://www.flickr.com/photos/47538931@N04/show/

This doesn't bother me I still use the site, but I can't help but think some paranoid people might turn tail at the site of the bright yellow Danger signs.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1527305147
Hero Member
*
Offline Offline

Posts: 1527305147

View Profile Personal Message (Offline)

Ignore
1527305147
Reply with quote  #2

1527305147
Report to moderator
Xunie
Full Member
***
Offline Offline

Activity: 132
Merit: 100



View Profile
February 15, 2010, 07:58:01 AM
 #2

Google Chrome 5.0.307.7 beta (on debian) reports the same thing.

Caffeinism -- a toxic condition caused by excessive ingestion of coffee and other caffeine-containing beverage.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 3038
Merit: 3148


View Profile
February 15, 2010, 08:43:04 AM
 #3

The TLS certificate is self-signed, so the warning is "correct". The encryption is just as strong as any other HTTPS connection, but without a CA's signature the site's identity can't be guaranteed -- a man-in-the-middle attack could be used. Unfortunately, getting a signature costs money.

Verifying the certificate's fingerprint here before adding an exception will prevent any MITM attack. This is only necessary when you add an exception; subsequent MITM attempts will trigger a warning by your browser.

HOWEYCOINS   ▮      Excitement and         ⭐  ● TWITTER  ● FACEBOOK   ⭐       
  ▮    guaranteed returns                 ●TELEGRAM                         
  ▮  of the travel industry
    ⭐  ●Ann Thread ●Instagram   ⭐ 
✅    U.S.Sec    ➡️
✅  approved!  ➡️
I-am-not-anonymous
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile
February 16, 2010, 03:31:41 AM
 #4

Unfortunately, getting a signature costs money.

Would something like this help:

http://cert.startcom.org/
http://www.cacert.org/

I don't mean to sound presumptuous or arrogant--I am fully aware of my own ignorance and that the above links could be completely useless--just a suggestion.


theymos
Administrator
Legendary
*
Offline Offline

Activity: 3038
Merit: 3148


View Profile
February 16, 2010, 05:17:17 AM
 #5

The CA's root certificate needs to be included in the browser to make the warning go away. CACert isn't included in any popular browser, and Startcom was only recently added to Windows. With Startcom, anyone who doesn't install the optional root certificates update in Windows update will still get an error in Chrome, Safari, and Internet Explorer. Firefox has had it built-in for a while.

HTTPS isn't the default (or really necessary) for bitcoin.org, so it doesn't much matter. If you want to manually switch to HTTPS, then you can deal with the self-signed certificate.

HOWEYCOINS   ▮      Excitement and         ⭐  ● TWITTER  ● FACEBOOK   ⭐       
  ▮    guaranteed returns                 ●TELEGRAM                         
  ▮  of the travel industry
    ⭐  ●Ann Thread ●Instagram   ⭐ 
✅    U.S.Sec    ➡️
✅  approved!  ➡️
I-am-not-anonymous
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile
February 16, 2010, 05:30:30 AM
 #6

The CA's root certificate needs to be included in the browser to make the warning go away. CACert isn't included in any popular browser, and Startcom was only recently added to Windows. With Startcom, anyone who doesn't install the optional root certificates update in Windows update will still get an error in Chrome, Safari, and Internet Explorer. Firefox has had it built-in for a while.

HTTPS isn't the default (or really necessary) for bitcoin.org, so it doesn't much matter. If you want to manually switch to HTTPS, then you can deal with the self-signed certificate.

I see now why now why bitcoin doesn't need a CA, most people will not access it with the https protocol and therefore won't be spooked off by scary warning labels like the ones I got.  Good to know.
raven1322
Full Member
***
Offline Offline

Activity: 172
Merit: 105


A BLOCKCHAIN SOLUTION TO DISRUPT TRADE FINANCE


View Profile
December 01, 2017, 12:07:21 PM
 #7

I hate to be the bearer of annoying news, but:





Certificate details from firefox: http://www.flickr.com/photos/47538931@N04/show/

This doesn't bother me I still use the site, but I can't help but think some paranoid people might turn tail at the site of the bright yellow Danger signs.
No need to worry for this kind of protection from firefox. Since BTC is now being adapted globally, not all would be affected of this kind of feedback.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!