27390 2014-11-21 13:47:03 +0000 whatwg.org's TLS 2015-10-16 14:45:11 +0000 1 1 1 Unclassified WHATWG Unwelcome unspecified Other other RESOLVED WORKSFORME P3 normal Unsorted 1 annevk annevk ian mike sideshowbarker+unwelcome oldest_to_newest 115285 0 annevk 2014-11-21 13:47:03 +0000 If you don't like tracking this as a bug, feel free to resolve this as INVALID. 1) We need to ask DreamHost when they plan upgrading their VPS customers. All Shared customers have been upgraded, but VPS customers still have a pretty shitty setup: https://www.ssllabs.com/ssltest/analyze.html?d=whatwg.org https://www.ssllabs.com/ssltest/analyze.html?d=html.spec.whatwg.org 2) We should use StartSSL's intermediate certificate that uses SHA-2: https://www.startssl.com/certs/class2/sha2/pem/sub.class2.server.sha2.ca.pem 115332 1 ian 2014-11-21 23:49:08 +0000 Assuming I didn't screw everything up, I just updated all 31 domains to use the same certs including that intermediate cert. Feel free to contact them. :-)