gluglug.org.uk identity
If you visit gluglug.org.uk, you are using http. I wanted to check if https was enable -I thought it shoud, as you have to fill in a form when buying something from gluglug.org.uk
When connecting to https://gluglug.org.uk the browser showed a "This Connection is Untrusted". Then I decided to contact gluglug.org.uk to ask whether I should accept that certificate. As http://www.gluglug.org.uk/contact/ shows the PGP public key for name at domain, I decided to use GPG to communicate with them for my question.
I searched for name at domain public key in the key server, I found it and imported it. As http://www.gluglug.org.uk/contact/ does not show the fingerprint of name at domain, but the whole public key, I tried to see the whole public key I imported, and managed to do so by
gpg --armor --export name at domain
When comparing them I saw the first 13 lines looked identical, but not the rest, and the one I imported even had more lines.
Does anyone have an explanation for this?
I do not know much about https certificates nor GPG, so very likely that's just the problem. I hope so, because I started to go paranaoid, and think of people who are trying to escape from the surveillance of proprietary software, as some gluglug.org.uk customers, might be receiving hardware with a surprise from the NSA ANT catalog in it.
I am a translator!
this is strange. I visited that website like a week ago and it was fine. If I try now, firefox blocks it -unsecure connection (invalid security certificate) .
Jane - you are rightly "paranoid" , something is wrong here.
What I got when I forced my way there:
It's ok, I'll forget it. Thank you.