https access to www.mersenne.org failed
 

Some few days ago I successfully visited [url]https://www.mersenne.org/[/url] This access method is preferable because of more secure way of password transmittion. Now I have get following error text instead of usual site content: Directory Listing Denied This Virtual Directory does not allow contents to be listed. This is a temporary problem?

The message I just got when trying the same https (with IE6) was:

[B][SIZE=1]There is a problem with this website's security certificate.[/SIZE][/B]


[B][SIZE=1]The security certificate presented by this website was not issued by a trusted certificate authority.[/SIZE][/B]

I get this:[code]Secure Connection Failed

www.mersenne.org uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is unknown.

(Error code: sec_error_unknown_issuer)[/code][size=1]Firefox 3.0.5[/size]

And I get this:
Directory Listing Denied

This Virtual Directory does not allow contents to be listed.
{Safari 3.2.1}

The two error messages cheesehead and retina posted are just the browsers complaining about the security. I'm using FF and when I ignore those and get to the page, I see the same "Directory Listing Denied This Virtual Directory does not allow contents to be listed." that the OP and 99.94 see.

Now, when I use Firefox 3.0.5, I get a "Page Load Error" and

"Secure Connection Failed

[URL="http://www.mersenne.org"]www.mersenne.org[/URL] uses an invalid security certificate.

The certificate is not trusted because the issuer certificate is unknown.

(Error code: sec_error_unknown_issuer)"

At the bottom is:

"Or you can add an exception…"

but when I click on that, then click on "Add Exception", I get:

"[B]Legitimate banks, stores, and other public sites will not ask you to do this.[/B]"

So, the question is:

[I]Is GIMPS a legitimate public site?

[/I][I]I know what you're thinking. "Is that security certificate trustworthy or not?" Well, to tell you the truth, in all this excitement I kind of lost track myself. But being as this is the Internet, where the Department of Homeland Security expects cyber terrorists to launch increasingly sophisticated cyber attacks within the next five years, and you could be the victim of identity theft, or have your system zombied, or have your L-L residue corrupted, you've got to ask yourself one question: Do I [B]feel[/B] [B]lucky[/B]? Well, do ya, punk?
[/I]

[QUOTE=cheesehead;155079]"[B]Legitimate banks, stores, and other public sites will not ask you to do this.[/B]"

So, the question is:

[I]Is GIMPS a legitimate public site?[/QUOTE]Well you answered your own question. If it [b]was[/b] legitimate then you wouldn't need to add an exception. ;P

Of course the cost of adding an "approved" certificate is not exactly free, so would it be a good use of funds to get one? My thought is that it would not be. There are no valuable assets being protected by it so if someone wants to steal my credit then so be it, they're welcome to it if it means so much to them. Go ahead, make my day!

[quote=retina;155080]Well you answered your own question. If it [B]was[/B] legitimate then you wouldn't need to add an exception. ;P[/quote]But, do you [B]feel lucky[/B]?

[quote]Of course the cost of adding an "approved" certificate is not exactly free, so would it be a good use of funds to get one? My thought is that it would not be. There are no valuable assets being protected by it so < snip >[/quote]But potential security-worried participants could be scared off by the warnings, so maybe a bit of cost (how much?) would be worth it for peace-of-mind. GIMPS's reputation is a valuable asset!

[QUOTE=cheesehead;155081]But, do you [B]feel lucky[/B]?[/QUOTE]You would need to ask Lucky about that.

Hmm...I was just thinking. What good does having an HTTPS connection to mersenne.org do if the password is already sent in the URL? SSL doesn't prevent an attacker from reading the URL, as far as I know. :sick:

Ask the U.S. Department of Homeland Security.