Pillow SSL Support

Due to recent concerns over the security of the pillow.rscheme.org website, I added self-signed HTTPS support to the site.

Note that self-signed is presumably more secure than major vendors, because major vendors are being sold out to the government. If you trust cnet, that is. But even if you don’t, there is good reason to trust self-signed certs more than commercial certs – Commercial certs are used by vastly more people, and so there is more data that can be used to solve the equation required to break SSL. (read the Wikipedia page for details)

But, here’s some instructions on how to get the certificate. The file is being hosted at https://s3.amazonaws.com/pillow-ssl/pillow.rscheme.cer. Download that file.

The hashes of that file are stored at: http://pillow.rscheme.org/pillow.rscheme.cer.sum and https://s3.amazonaws.com/pillow-ssl/pillow.rscheme.cer.sum

If you don’t know what the hashes mean, ignore them. If you do know what they mean, you can use them to verify the file you downloaded.

Now, import the downloaded file into your web browser:

http://tiptopsoftware.wordpress.com/2012/03/12/how-to-permanently-add-a-certificate-to-google-chrome/

Or: http://www.cyberciti.biz/faq/firefox-adding-trusted-ca/

Visit https://pillow.rscheme.org/. Happy browsing!

 

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *