#digitalsalon

← Previous day Next day → Sept. 2, 2014
[20:08:29]	dclo:	joins
[20:13:04]	dclo:	leaves
[20:13:44]	dclo:	joins
[20:22:29]	dclo:	leaves
[20:30:57]	dclo:	joins
[20:38:49]	dclo:	leaves
[20:43:09]	thisgeek:	joins
[20:48:51]	thisgeek:	leaves
[22:47:10]	kenbolton:	joins
[22:55:19]	kenbolton:	leaves
[22:57:15]	kenbolton:	joins
[23:21:47]	kenbolton:	leaves
[07:40:37]	dclo:	joins
[07:52:57]	dclo:	leaves
[09:29:57]	kenbolton:	joins
[10:08:27]	thisgeek:	joins
[11:20:42]	dclo:	joins
[11:23:38]	kenbolton:	leaves
[11:24:06]	kenbolton:	joins
[12:18:59]	dclo:	leaves
[12:25:51]	kenbolton:	leaves
[12:28:00]	dclo:	joins
[13:10:05]	thisgeek:	leaves
[13:20:01]	dclo:	leaves
[14:01:58]	kenbolton:	joins
[14:19:33]	thisgeek:	joins
[14:45:37]	dclo:	joins
[14:55:00]	dclo_:	joins
[14:57:41]	dclo:	leaves
[15:13:29]	dclo_:	leaves
[15:19:55]	dclo:	joins
[15:21:12]	kenbolton:	ok smart people: is there a compelling reason to be exporting a remote server's x509 pem file to the client?
[15:25:13]	dclo:	leaves
[15:38:07]	kenbolton:	ok, the answer i received from the good folks on #mhvlug confirmed my understanding: you might store the cert to compare it on each connection to be sure it has not been compromised, but that will cause a breakage every time the certificate is modified.
[15:38:19]	kenbolton:	in my case, they are apparently only checking the expiration date because they did not notice that the entire certificate changed during heartbleed.
[15:38:53]	kenbolton:	one helpful mhvlugger said, "consider the new cert you received from us to be notification."
[16:48:10]	dclo:	joins
[17:33:33]	thisgeek:	leaves
[17:58:28]	thisgeek:	joins
[18:41:09]	kenbolton:	leaves
[18:43:13]	dclo:	leaves
[19:02:51]	thisgeek:	leaves
[19:15:38]	dclo:	joins
[19:15:42]	kenbolton:	joins
[19:25:15]	thisgeek:	joins
[19:39:24]	kenbolton:	leaves
[19:42:53]	dclo:	leaves
[19:49:08]	thisgeek:	leaves
[19:56:31]	thisgeek:	joins
[19:56:44]	kenbolton:	joins

Sept. 2, 2014