27390 – whatwg.org's TLS

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 27390 - whatwg.org's TLS

Summary: whatwg.org's TLS

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	WHATWG
Classification:	Unclassified
Component:	Unwelcome (show other bugs)
Version:	unspecified
Hardware:	Other other

Importance:	P3 normal
Target Milestone:	Unsorted
Assignee:	Anne
QA Contact:	sideshowbarker+unwelcome

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-11-21 13:47 UTC by Anne
Modified:	2015-10-16 14:45 UTC (History)
CC List:	2 users (show)

See Also:

Attachments

Description Anne 2014-11-21 13:47:03 UTC

If you don't like tracking this as a bug, feel free to resolve this as INVALID.

1) We need to ask DreamHost when they plan upgrading their VPS customers. All Shared customers have been upgraded, but VPS customers still have a pretty shitty setup: https://www.ssllabs.com/ssltest/analyze.html?d=whatwg.org https://www.ssllabs.com/ssltest/analyze.html?d=html.spec.whatwg.org

2) We should use StartSSL's intermediate certificate that uses SHA-2: https://www.startssl.com/certs/class2/sha2/pem/sub.class2.server.sha2.ca.pem

Comment 1 Ian 'Hixie' Hickson 2014-11-21 23:49:08 UTC

Assuming I didn't screw everything up, I just updated all 31 domains to use the same certs including that intermediate cert.

Feel free to contact them. :-)