>>104497 actually no https does not prevent site impersonation. I've had the bad fortune to use MS Edge, it proxies sites to fake versions as it deems necessary to prevent people from visiting sites it thinks people shouldn't visit. it's able to do that even though the page is https.so no, a cert does not prevent proxying a site through a fake page. the fake proxied copy will even have the same URL. in fact so long as the fake page has the same URL then the https cert is valid for it. on the note of lets encrypt: forkheads looked into it, our admin noted issues with it compared to manual cert registration. LE has a terms of service which could change on a whim, they reserve the right to refuse to provide cert services to site's whose content is deemed objectionable by the LE team, thier lawyers, or any third parties and thier lawyers who find out your site uses [insert thing they don't like]. swfchan would be banned from recieving certs by LE in an instant. "you allow loli H swfs, no https cert for you, remove every entry since the dawn of time and handover ownership of the site to our designated party and dox yourself and appear in court in Australia or the EU, in order to get your certs reestablished" "Lol, no." LE also has terms about mandatory site updates. they'd be quick to tell swfchan that Flash swfs are 'insecure' and that "swfchan needs to remove the ability to host and display swfs in thier native flashplayer" and make all sorts of demands about the way object elements of the site are written. "for security purposes the wrapper for the swf object needs to be written in google javascript 9.0 and should proxy the actual page content from a script to build it hosted on google, this prevents outdated browsers who may be effected by swfs from viewing them." and they reserve the right to change thier ToS as they see fit, so worse things than I described can find thier way in. they could literally hold the site hostage dangling the cert over it's head. in short, the less companies and terms of service are involved the better. |