[Gpg4win-users-en] Commonly accepted SSL/TLS certificate for gpg4win websites
aheinecke at intevation.de
Fri Oct 16 16:34:53 CEST 2015
On Friday 16 October 2015 16:14:13 Thomas Arendsen Hein wrote:
> * Werner Koch <wk at gnupg.org> [20151016 10:16]:
> > On Thu, 15 Oct 2015 16:04, thomas at intevation.de said:
> > > The certificate will be installed on the server that currently hosts
> > >
> > >files.gpg4win.org, so downloads from there will immediately become
> > >trusted without importing Intevation's CA.
> > As an alternative we could also put the gpg4in files on *.gnupg.org.
> Technically this would work if your server can serve additional
> (currently) 2.0-2.5 TB of traffic per month. The participants of the
> project would have to decide if this is a good idea.
I don't like the idea. Werner already has more then enough infrastructure to
administer. Let's keep the Gpg4win files and Website on our infrastructure. We
should have the capacity to administer this.
> > As domain owener I already offered to pay for the certs.
> Thank you, this would also make things easier, as the verification
> process would be only between two involved parties instead of three.
> But before you do that, we should make sure that the resulting
> certificate is usable for the intended setup.
Again I'm slightly against this. The costs should be manageable for Intevation
and I'd rather not have us put any more work / cost / responsibilities on
Werners plate even If he volunteers to do this ;-) .
This, of course, with the assumption that Intevation can get this done in a
Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 181 bytes
Desc: This is a digitally signed message part.
More information about the Gpg4win-users-en