hey debconf folks-- Just doing some web site triage on https://penta.debconf.org/, and found three problems: 0) the X.509 certificate chain was mis-ordered (it is supposed to be <end-entity,intermediate,root>, but was being served as <end-entity,root,intermediate>). Ganneff just fixed this. Thanks, Ganneff! 1) the "DebConf resources" link on the front page points to https://penta.debconf.org/resources.shtml, which is a 404 Not Found. Maybe it's supposed to be https://www.debconf.org/resources.shtml ? 2) https://penta.debconf.org/ contains a bunch of images served in the clear from http://www.debconf.org/. This is considered a data leak by most browsers, and they will usually show a "broken lock" icon. Standard practices for https web sites would have all the embedded content served via https instead of http. The simplest way to "fix" the broken lock would probably be to replace all those img src's with https:// instead of http:// (since www.debconf.org is also offered via https). I don't think i have access to fix these things myself, or i would just do it. Can someone else take care of them? Thanks, --dkg
Attachment:
signature.asc
Description: OpenPGP digital signature