I can log into groups.io on firefox today but not safari, which warns me that the site "may be impersonating" groups.io and has certificate that "expired 1 day ago." Just a heads up.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

“Log on” was the wrong term. I meant “visit the site,” whether I log on or not.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

I'm unable to duplicate this, and the .groups.io certificate doesn't expire until September 9th. Is anyone else seeing this?

Thanks, Mark

I'm unable to duplicate this, and the .groups.io certificate doesn't expire until September 9th. Is anyone else seeing this?

Thanks, Mark

I cannot repro.

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.5 Safari/605.1.15

Best,

Glenn
"Yes, but does Gecko like KHTML?" -me, at work. I have a colleague whose nickname is Gecko (after the animal).

This is my safari: Version 11.1.2 (11605.3.8.1)
Should I worry? It has a little lock symbol and then it says:

This Connection is Not Private. This website may be impersonating "groups.io" to steal your personal or financial information. You should go back to the previous page.

Then you can click on "Go Back" or "Show Details." When I click on Show Details, it says

Safari warns you when a website has an expired certificate. This website's certificate expired 1 day ago. This may happen if the website is misconfigured, an attacker has compromised your connection, or your system clock is incorrect. Your system clock is set to Saturday, May 30, 2020. If this is not right, fixing the clock may address this warning.

To learn more, you can view the certificate. If you understand the risks involved, you can visit this website.

Oddly, I was unable to copy the text to paste it here. I had to type it in verbatim. I didn't click on either link above.
Should I worry???
Thanks.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

On Sat, May 30, 2020 at 05:01 PM, Mark Fletcher wrote:

Is anyone else seeing this?

Someone reported it on GMF, but didn't specify the browser, https://groups.io/g/GroupManagersForum/message/32051

Duane

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

On Sat, May 30, 2020 at 04:47 PM, Larry Finch wrote:

Your Safari is very old. The current version is 13.1.1, so try updating it.

It seems no updates are available. Maybe because my Mac is very old as well? (Macbook Pro, Retina, 13 inch, early 2015) Or because I'm still running El Capitan (10.18.6)? I was warned not to install Catalina. Maybe that was bad advice?
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

Duane, could you get the info from the person on GMF about what they're running, etc?
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

No problems on my Mac running safari.

On 2020-05-30 at 3:01:17 PM, Mark Fletcher <markf@corp.groups.io> wrote:

I'm unable to duplicate this, and the .groups.io certificate
doesn't expire until September 9th. Is anyone else seeing this?

It looks like the Groups.io cert is cross-signed with the AddTrust
root that expired at 2020-05-30 10:48Z. [1]

Modern TLS clients don't have trouble with this cert because the
USERTRUST root hasn't expired yet.

Time for a newer cert without this root?

openssl s_client -connect groups.io:443

CONNECTED(00000004)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
verify return:1
depth=0 OU = Domain Control Validated, OU = Gandi Standard Wildcard SSL, CN = *.groups.io
verify return:1
---
Certificate chain
0 s:OU = Domain Control Validated, OU = Gandi Standard Wildcard SSL, CN = *.groups.io
i:C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
1 s:C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
2 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
i:C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
3 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
i:C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
---
<SNIP>

[1]: https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020

--
Christopher Warrington <lists@cw.codes>

Ok. From Mark's link, it seems like the problem may be my old computer etc:

"Devices that received security updates after mid 2015 should have the modern USERTrust RSA Certification Authority root certificate (valid until Jan 2038) in their operating system or browser truststores and should be largely unaffected.

Legacy devices that have not received updates to support newer roots will also likely to be missing other essential security updates and support for standards required by the modern Internet. We strongly encourage decommissioning these devices if their software cannot be upgraded. Non-upgraded, legacy devices should never be exposed to the Internet and special mitigations should be applied to isolate them from neighbor systems."

Any advice? Feel free to message me offlist if this is not relevant to most people here.

--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

J_Catlady . . .

On Sat, 30 May 2020 17:57:38 -0700, "J_Catlady"
<j.olivia.catlady@gmail.com> wrote:

Any advice? Feel free to message me offlist if this is not relevant to most people here.

Are you unable to upgrade the operating system?

If you can't, you're in the same boat as those still Running Windows
XP. You won't have the security updates to keep you safe.

Donald


----------------------------------------------------
Some ham radio groups you may be interested in:
https://groups.io/g/ICOM
https://groups.io/g/Ham-Antennas
https://groups.io/g/HamRadioHelp

Ok. I will answer messages like this offlist from hereon in. Thanks.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu

Hi,

MacBook Pro ten years old running High Sierra 10.13.6

Patti