Crai Conundrum
-
Posts
5 -
Joined
-
Last visited
Content Type
Forums
Blogs
Knowledge Base
Posts posted by Crai Conundrum
-
-
SSP?
in Linden Homes
2 hours ago, Patch Linden said:Hmmm! Can anyone guess where?
Judging by the fact that SSP124 has had a dot on it now for hours today, and the fact the terrain in the picture is very... sculpted like two eyes (circles) which matches the "HI!" terrain, I assume you are at SSP124?
-
1
-
-
12 minutes ago, Arron Rainfall said:
Linden Lab really should purchase a wildcard certificate from a trusted CA. It shouldn't matter even if the wildcard certificate was $500/year(even though you can get them cheaper than that). They got thousands of sims that rich people are paying $300+/month for. There's no reason they couldn't afford a wildcard certificate. They've made it obvious, by not providing any new functions that are considered intuitive and highly demanded(*cough* Name2Key *cough*), that they want the creators of Second Life to take some of the overhead of functionality and putting it on their own servers. The least they can do is use a wildcard certificate issued by a trusted CA so creators can use 3rd party services like AWS SNS or AWS Lambda to deliver data to inworld HTTPS URLs.
Linden Lab already has a business relationship with Amazon: https://aws.amazon.com/solutions/case-studies/linden-lab/
Given this intormation, if Linden Labs absolutely refused to purchase a wildcard certificate, then perhaps they could try to persuade Amazon to recognize Linden Lab Certificate Authority as a trusted CA.
Agreed. However, if they only take the Amazon route here, they will not be accounting for those who write web applications with JavaScript, which requires the browser's trust in order to execute (Google Chrome actively blocks XMLHttpRequest attempts with a non-trusted CA root certificate). It will also not resolve other services and applications that require a valid CA root.
Paying for a wildcard certificate seems to be the simplest and most secure action Linden Lab could take here. If I were them, I'd do it without a second thought.
-
1
-
-
4 minutes ago, TommyTheTerrible said:
I think something like Let's Encrypt is a great idea but I don't understand why Linden Labs just can't setup their own certificate service and then register as a CA with AWS.
You guys charge an insane amount of money for sims, no reason why we can't expect you to make them secure.
No need for them to make their own CA (which is what they currently have done with the "Linden Lab Certificate Authority" root they are using). All they have to do is purchase a cheap domain validated wildcard certificate. Besides, most CAs issue certificates with 2048-bit RSA keys nowadays, so the encryption is the same as what they currently have as far as I'm aware. They'd get all browsers and services to trust them then with a trusted CA.
-
Just now, Arron Rainfall said:
I think LL might want to take a look at Let's Encrypt. They are free and they will be issuing wildcard certificates in January:
https://letsencrypt.org/2017/07/06/wildcard-certificates-coming-jan-2018.html
This is true, but the one main issue with that is LL would have to re-issue the certificate every 3 months... which would then be impractical for them. Unless they have auto-renewal setup on their server.
-
1
-
Facebook
Instagram
Twitter
YouTube
Flickr
SSP?
in Linden Homes
Posted · Edited by absolutelycrazy
With the size of the continent, and seeing as the Linden's plan these projects out, I'd assume the terrain is made externally and then uploaded as RAW files as the regions are dropped. Whether they need a Linden in-world to do that or whether they can upload terrain files on the server end, however, is anyone's guess.