[liberationtech] Y! / SSL
Philipp Winter
phw at nymity.ch
Mon Oct 6 02:12:34 PDT 2014
On Mon, Oct 06, 2014 at 11:52:02AM +0800, Eric S Johnson wrote:
> I just got back to CN from a vacation. I’m now (in all three main
> Windows browsers) seeing yahoo.com automatically flip over to
> HTTPS--and then give a bad cert error. The *root* cert is listed as
> yahoo.com and is valid “23 Sep 14 to 23 Sep 15.”
>
> Is Y! experimenting with making access to their resources
> always-only-HTTPS? Are they having certificate problems? “HTTP only”
> seems like a good direction in which to go, but teaching people to
> accept bad cert warnings seems like a bad direction in which to go.
GreatFire.org seems to have seen the same. At least the certificate
life time is identical:
<https://twitter.com/GreatFireChina/status/516872770270269440>
Cheers,
Philipp
More information about the liberationtech
mailing list