https://cryptovillage.org/
45 views
Skip to first unread message
Tony Arcieri
Oct 1, 2014, 2:23:04 AM10/1/14
to crypto...@googlegroups.com
I enabled CloudFlare's new Universal SSL on cryptovillage.org. The certificate isn't verifying yet, but I'm told they just have a backlog and it should start verifying soon:
https://cryptovillage.org/
--
Tony Arcieri
This is presently using CloudFlare's "Flexible SSL" model, a.k.a. CloudFlare terminates SSL, and sends the request back to the origin server in plaintext. That kind of sucks.
The reason is cryptovillage.org is hosted on GitHub Pages, which is a pretty neat way to manage static content. However, GitHub Pages doesn't presently support SSL with custom domains.
It'd be neat if CloudFlare and GitHub Pages could get that sorted out...
Tony Arcieri
Tony Arcieri
Oct 6, 2014, 1:13:18 PM10/6/14
to crypto...@googlegroups.com
Another week later and the cert verifies. Hooray for crypto!
--
Tony Arcieri
Tony Arcieri
Adi Kamdar
Oct 6, 2014, 2:12:32 PM10/6/14
to crypto...@googlegroups.com
Awesome!
--
You received this message because you are subscribed to the Google Groups "Crypto and Privacy Village" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cryptovillag...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
-- Adi Kamdar Activist, Electronic Frontier Foundation https://eff.org a...@eff.org | 415.436.9333 x144
Whitney Merrill
Oct 6, 2014, 2:49:30 PM10/6/14
to Adi Kamdar, crypto...@googlegroups.com
Woo hoo! Thanks Tony!
Tony Arcieri
Oct 12, 2014, 7:00:06 PM10/12/14
to crypto...@googlegroups.com
Something I've learned about CloudFlare: if you set your site's security level to anything but "Low", Tor users will be asked to solve a CAPTCHA, which is silly.
I am turning the security level of all of my sites down to low, but I really wish that CloudFlare weren't so punitive towards Tor users, especially if it hasn't detected any misbehaving ones for a particular domain.
--
Tony Arcieri
Tony Arcieri
Tony Arcieri
Oct 12, 2014, 8:14:27 PM10/12/14
to crypto...@googlegroups.com
Here's what it looked like in Tor Browser, FWIW. Pretty bad:
--
Tony Arcieri
Tony Arcieri
Nate Cardozo
Oct 12, 2014, 8:18:17 PM10/12/14
to Tony Arcieri, crypto...@googlegroups.com
We have some good connections at CloudFlare and we're discussing at
EFF whether/how to bring it up. Thanks for noting the issue Tony!
Nate
Nate
-- Nate Cardozo Staff Attorney Electronic Frontier Foundation 815 Eddy Street San Francisco, CA 94109 na...@eff.org | 415.436.9333 x146 783A 8CC4 166D 1768 4E8E DAFD 2D76 4786 4AE6 3181 Help EFF defend our rights in the digital world https://www.eff.org/donate
Tony Arcieri
Oct 12, 2014, 8:53:49 PM10/12/14
to Nate Cardozo, crypto...@googlegroups.com
On Sun, Oct 12, 2014 at 5:18 PM, Nate Cardozo <na...@eff.org> wrote:
We have some good connections at CloudFlare and we're discussing at EFF whether/how to bring it up. Thanks for noting the issue Tony!
Thanks for looking into this!
I think the general problem is how IP reputation systems react to things like Tor exit nodes. In an anonymizing system like Tor, clearly some of the traffic coming out of an exit node is going to be malicious.
The problem is under their existing IP reputation model, this means exit node IPs are tainted-for-life. I think there needs to be some kind of special handling of Tor exit node IPs that can strike a balance between their business of defending against attacks and people's desire for anonymity.
Tony Arcieri
Reply all
Reply to author
Forward
0 new messages