top | item 16120751

(no title)

Can't help but find it ironic the winner of the 2018 Levchin Prize for Advancements in Real-World Cryptography has an invalid SSL certificate on his research website.

discuss

emmelaich|8 years ago

Also the levchinprize.com website. (not that there is a link to it; and it might not even attempt to do ssl)

   levchinprize.com uses an unsupported protocol.
   ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Classic.

duozerk|8 years ago

At first glance they do support SSL, but not TLS; basically your browser laughed at their antiquated protocol.

majewsky|8 years ago

A few hours ago, I went to their website after seeing the submission, and it worked. Now I'm getting SSL_ERROR_NO_CYPHER_OVERLAP (in Firefox 57). Maybe they're loadbalancing and one of the servers is incorrectly configured?

privateprofile|8 years ago

I can't help but finding it sad that the prize is a meager 10K, especially for projects that are so relevant for the Internet at large.

amelius|8 years ago

Security, in any organization, is always last on the budget list. Perhaps this is reflected in the prize.

jlgaddis|8 years ago

I did think the same thing, but you can't blame that on him. Blame IBM/Akamai.

nothrabannosir|8 years ago

You can. Responsibility for their choice of business partners lies with them, not the public. Otherwise this blame-game-treasure-hunt-rigmarole never ends.

It doesn’t matter that much, but it’s a matter of principle.

Edmond|8 years ago

It is on Akamai but it is on Akamai's non-TLS network (ie .egsuite.net)...you have to pay more for TLS on Akamai (.edgekey.net)....I'd blame IBM but not Akamai.