eggdrop.ch

Until now, if you had a private website which required a login or collected private data (for example a small online shop), you could create a self-signed certificate or a certificate signed by http://www.cacert.org/ for free. There would be a somewhat confusing error message in all browsers, but that wasn’t a big issue.

Now, let’s see what they did in Firefox 3 (Beta 1):

The website will not be displayed and there’s only a small link at the bottom (which most people won’t see). Clicking this unfriendly link requires you to confirm two additional questions and maybe do additional settings. In short, most people won’t be able to access your site at all.

So what are possible consequences of this change for private websites?

• They will stop using SSL. That’s the easiest way. Who cares about encryption? The user won’t notice anyway.
• They will use a certificate from http://cert.startcom.org/, which is the only certificate issuer I know which should not display this nasty error message. Unfortunately, if you want wildcards (i.e. make the certificate valid for all your subdomains), you still need to pay for a “Class 2″ certificate (http://www.startssl.com/), and most providers don’t give you enough IP addresses, but that’s another issue. So there’s no free solution for wildcard domains.

What could be done to avoid this problem?

• In my opinion, encryption and trust should be separated. It is more secure to visit a website which has encryption enabled than any other website without encryption. Ideally, every website would be transferred encrypted. If someone wants trust, i.e. allow people to see that your server is really your server, then he or she could buy a certificate. In the end, you can’t really trust any website (what, if the server has been compromised?), but encryption is always a good thing (your provider or your network administrator can’t read the data).
• CAcert should be included in mainstream browsers, which unfortunately doesn’t seem to be the case, not even in Firefox.
• There should be more free certificate issuers. You shouldn’t have to pay for encryption (or trust).

What’s your opinion about this topic?

Django is a great framework for building web applications. Recently they started to create the newforms library that makes it easy to handle forms.

But the newforms library works only for static forms. Forms that have a fixed number of fields. What I wanted to do, is create a page that allows you to edit multiple instances of a model at once. It should be similar to edit_inline, but there should be a JavaScript link that allows you to add another instance of the object.

That’s why I have written classes that make it possible to handle this type of forms using Django. No AJAX is utilized to make this work.

(more…)

Here are some tools that might be helpful if you’re creating websites.

The first one is GNOME Colorscheme which allows you to generate a variety of colorschemes from a single starting color. Note that there are many dependencies when you’re trying to compile it from the source code.

The second one is LinkChecker which allows you to check your website for broken links. I like the HTML output:

linkchecker -o html http://www.example.com/ > output.html

And if you don’t know the Web Developer Toolbar for Firefox yet, check it out!

I replaced my old Windows 98-style bluescreen 404 page with a new, dynamically generated Windows NT-style bluescreen. I think it looks much cooler now.

My website automatically detects which language you prefer and displays the appropriate content. I’m using this script because I didn’t want to write one myself. Strict mode is of course off (be nice to IE ).

The website is delivered in either XHTML 1.1 or HTML 4.01 Strict. It depends on whether your browser accepts the application/xhtml+xml mime type. There’s a great script which automatically sends the right version to the browser. I’m using that script because XHTML should be delivered as application/xhtml+xml and I can’t just send it to all browsers as application/xhtml+xml, because there are some browsers that do not support this mime type (yes, IE again).