the govorment stealing mah quakes 

getting a bit hazy on these details, but aren't public keys built into browsers? if anyone can gets certs, these will go into the browsers as well? 

The public keys are, as the name suggest, public. They don't need to go into the browser because the server will transmit them to anyone who requests them.

If you request the public keys for a server, there are two questions of trust at stake.

1. How do I know that the person who sent me this public key has the private key to go with it? (Threat: an attacker could get the public key and then relay it to you.)
2. How do I know that this public key belongs to the server I want to talk to? (Threat: an attacker could send you details of a different public key which they have the private key for)

The first question is answered by a challenge-response system - you ask your counterpart to encode a random message using the private key, and check that the public key unlocks it.

The second question is answered by having a trusted party sign the key. This works a bit like our challenge-response, but the encrypted message is hard coded, and unlocks using the public key of a trusted party. In this case, the trusted party will be letsencrypt, and it's their public key which gets built into your browser or operating system. The hard-coded message should decrypt to say that "this key is valid for that server", and you don't trust it if it says anything else.

So then, you might reasonably ask, if letsencrypt will give anyone a certificate, what stops an attacker from getting their own key signed to work on somebody else's server? The reason that doesn't work so easily is that letsencrypt will give the certificate to anyone, so long as they can prove they control the server. This usually involves uploading a specific file to a location specified by letsencrypt - you only get a signature once you meet this challenge. 

 

"Your" 

oh right, whoooops, it's the certificates that are stored on the browser, not the keys. :}

i guess the question still stands, but with different words: how will the certs be distributed or will we get those 'self signed certificate warnings'? 

CAs can 'cross-sign' each other's certificates. By that you get chains of trust. The Let's Encrypt CA's cert was cross-signed by some already trusted CA so now browsers trust the certs they issue.

https://quakewiki.org is already running with such a cert, should work anywhere without problems (except non-SNI systems). 

https://letsencrypt.org/2015/10/19/lets-encrypt-is-trusted.html 

cool, thanks for the info.
i had no idea that those things were possible. i guess there really isn't any reason not to go https then, since there's no difficulty in getting a cert and having it work without users noticing. 

It's work for me and I don't see the point on this particular forum. Sorry. 

fb /\

ff //

bb \\

fbb /\\

ffb //\ 

Preview has some backslash bug, it will strip them unless escaped by backslash. Posts themselves are fine. 

yeah, i think someone reported that before but i haven't fixed it yet :\ 

http://www.celephais.net/board/view_thread.php?id=2&start=1874&end=1876 

Ooh, there's a faq! I'll try to write in a less dumb way now.

I wondered what kind of tags were supported. 

Saw a topic I was posting in regarding Q1 engines got moved? But I dont see any notifications saying where to look for it? I was discussing collisions and Spike and Metslime were responding, now cant find it? 

http://celephais.net/board/view_thread.php?id=24406&start=465 

Thanks.

Not sure if it would be possible to code in something so that any thread you have posted in, filters closer to the top when sorted and logged in. Some kind of sorting capability would help. 

maybe a way to search for your recent posts, so you could find those conversations again? 

Lets do it how Quake does it. Use centerprint, bprint and sprint.

Just kidding, but I do like how the structure here is very old school Quake. Its a very unique style, but the structure , at least for me in the beginning was hard to follow because of the way its sorting the messages. Im getting the hang of it the more I post. 

did you change it so links open in new windows now? 

No, must be a browser change on your end? 

oh, did firefox just start doing that then? i dunno... i haven't touched anything on my part. 

Just an idea, how about some more Quake old school icons, perhaps one for the rest of the Artifacts, ring, suit and maybe the rest of the standard quake models like the health and ammo boxes etc. Maybe that way it could serve as a better clue what the subject topic is about in a more defined way.

Heres one of a teleporter I just made from an in game screenshot, if you wanna use it :
http://tempsend.com/8C336E9531