On 22 August 2014 00:41, Armin Rigo
Hi,
On 18 August 2014 22:30, Oleg Broytman
wrote: Aha, I see now -- the signing certificate is CAcert, which I've installed manually.
I don't suppose anyone is particularly annoyed by this fact? I know for sure two classes of people that will never click "Ignore". The first one is people that, for lack of a less negative term, I'll call "security freaks". The second is "serious business people" to which the shiny new look of python.org appeals; they are likely to heed the warning "Legitimate banks, stores, etc. will never ask you to do this" and would regard an official hint to ignore it as highly unprofessional.
I've now raised this issue with the infrastructure team. The current hosting arrangements for bugs.python.org were put in place when the PSF didn't have any on-call system administrators of its own, but now that we do, it may be time to migrate that service to a location where we can switch to a more appropriate SSL certificate. Anyone interested in following the discussion further may wish to join infrastructure@python.org Regards, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia