Site certificate update

Just a quick note that I've updated the SSL cert for happyassassin.net. It's still self-signed and hence you'll have to allow an override if you want to use https to connect to the site for some reason, but at least it's not expired any more, and has a 'correct' CN, so if you're using Convergence, it should work.

Comments

elusive.ted wrote on 2011-09-08 22:25:
I keep hearing about Convergence these days. I'm currently using Certificate Patrol. Is there any reason why I should use Convergence instead?
adamw wrote on 2011-09-08 22:35:
well, convergence is a more radical proposition: it effectively replaces CA verification with this new 'notary' system. CP seems to be a more restricted attempt to solve one specific problem; it doesn't replace the whole CA verification process, it just pops up an alert if a certificate changes. I suppose CP would probably catch most cases where you wound up being tricked by something like the current CA compromise, because the certificate signed by whoever had compromised a CA would necessarily be a new one, and CP would presumably alert you. It'd still be up to you to somehow verify it was a maliciously-signed cert and not just some kind of regular update. I dunno, I'm not an expert. =)
foo wrote on 2011-09-09 11:59:
What about adding your key to the OpenPGP web of trust via monkeysphere? http://monkeysphere.info