they're not owned by microsoft and they're switching to google cloud you tech illiterate fuckwit
Hurrdurr ms bought github
Eli Jenkins
Colton Jackson
Who gives a fuck where the website is hosted? I couldn't care less.
Show proofs. What IPs, what packages?
Nathaniel Taylor
Use a united states based proxy to access gentoo.org and check the SSL provider. Now use a hong kong based proxy and access bugs.gentoo.org. The SSL certificate for both sites are different. For me gentoo.org uses (((let's encrypt))) but bugs.gentoo.org uses (((GlobalSign nv-sa))) One of them is MITM'd thereby.
Grayson Adams
>Use a united states based proxy to access gentoo.org and check the SSL provider. Now use a hong kong based proxy and access bugs.gentoo.org. The SSL certificate for both sites are different. For me gentoo.org uses (((let's encrypt))) but bugs.gentoo.org uses (((GlobalSign nv-sa))) One of them is MITM'd thereby.
The more likely explanation is that they're just hosted by different people on different servers using different certificates.
Have you tried checking in any way, or did you just assume the most harmful explanation? Try contacting the people who manage the servers. If they're in on it, they wouldn't need to use multiple certificates to enable MitMing.
Oliver Cruz
They're different regardless of whether you use proxies or not, idiot.
Zachary Powell
Oh, well it doesn't change the fact that there shouldn't be two totally different ssl certificates for the same website/subdomain.
Adam Jones
They have different IP addresses. They're on different servers. Why should they share a certificate?
Noah Williams
...
Andrew Harris
Have you never heard of load balancing? Domains might redirect to different machines at different IP's but would still use the same SSL certificate. Take for example amazon.com and it's subdomains. They are not all the same IP nor the same server, but the domain and subdomains use all the same name, amazon, and the same SSL provider.
Josiah Foster
They're not just different servers, they're different websites. Same as python.org and mail.python.org, which also have different SSL certificates.
There's no rule that subdomains need to have the same certificate as the domain they descend from. Sometimes it's a sensible choice, but if they point at essentially separate services that are run separately then sharing a certificate would only make things less secure.