CIRA voting has begun. And bad SSL ensues

Yesterday was the AGM for the Canadian Internet Registry (CIRA). And coincident with that, the voting for the next slate of board of directors started. I am running for a board member, and would appreciate your vote. If you have a .ca domain name, you are a member. You had to be a member by Sept 6 (21 days prior) to vote. The vote link is here.

Now, on going to that link, many of you will be presented with an SSL error. This is not good. It is using a distrusted certificate authority (and no CAA record!). Tsk tsk. I posted about this on the discussion board here, feel free to chip in with your $0.02.

And get out and vote you .ca’ers.

And for gosh sakes, check that your own sites are:

  • SSL-enabled
  • SSL-only (30x redirect from the non-ssl-name, e.g. http://foo moves you to https://foo)
  • Have HSTS enabled, with long duration
  • Have a CAA record
  • Use SHA256 not SHA1
  • Have valid trusted certificate







Leave a Reply

Your email address will not be published. Required fields are marked *