Re: PSA: Does your app use Sparkle? Update it, or use an HTTPS server
Re: PSA: Does your app use Sparkle? Update it, or use an HTTPS server
- Subject: Re: PSA: Does your app use Sparkle? Update it, or use an HTTPS server
- From: Ben Kennedy <email@hidden>
- Date: Wed, 10 Feb 2016 17:16:43 -0800
> On 10 Feb 2016, at 5:00 pm, Gary L. Wade <email@hidden> wrote:
>
> You've made my point. None of my friends would even bother with looking at the certificate for his site (assuming that's his site from his email address) and move on. At worst, they'd call me and I'd say don't go there since I don't want them to screenshot that and text it to me to figure it out.
No, you are misunderstanding me. My point is that it may not be valid to assume the web server at 213.186.33.24 (to which xenonium.com resolves) will answer to HTTPS with a cert for "xenonium.com".
For example, https://213.186.33.24 presents the same "hostname mismatch" alert, because the cert is not named for "213.186.33.24".
Conduct the same exercise for any A record returned for www.apple.com, and you'll also get this result. Completely expected.
Now, if Jean-Daniel has stated definitively that https://xenonium.com is expected to serve up a matching certificate, you have an argument I would agree with. But for all we know (unless I've missed it), he's serving his material at https://ssl13.ovh.net.
b
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden