Indymedia linksunten over https

Fingerabdruck

linksunten.indymedia.org is from now on only accessible via https, all http requests will be redirected to https. Thus, all connections between your browser and our server are encrypted. We use a SSL encryption, the standard encryption method for web site requests. This worked already in the past but the browsers did not accept our hitherto self-signed certificate automatically so an exceptions had to be added. As we now use a commercial certifiacte which is valid for five years, your browser will accept the certificate without any problems.

 

Unfortunately, the https concept is broken by design because the only automatic protection against an attack on the SSL connections is the trustworthiness of the companies whose certificates come preinstalled in your browsers. But if one of those companies is hacked as it was the case about a year ago with Comodo which issued our new certificate or a company issues another valid certificate for a website as it was the case with Trustwave then an attack is possible without any possibility of automatic detection by the browser.

 

The only secure protection against an attack on the encryption is a manual verification of the certificate. This is done by comparing a so-called fingerprint of the certificate which will be display by clicking on the certificate properties icon in the address bar of your browser. The SHA1 fingerprint of our new SSL certificate is:

 

CC:01:E8:26:76:74:51:0C:DE:4B:0E:1C:FD:DC:7F:C7:17:A3:D0:4C

 

Spread our fingerprint! And don't get caught...

 

IMC linksunten