Update: Forget that fingerprint down there, the correct one is now on a cert from Comodo and reads like:
After the Heartbleed bug and having to regenerate all my certs, I went back to CACert certificates. Why? Because StartCom turned out to be wankers about the whole thing and handled themselves really badly.
No beer from the beer volcano for you.
PS: I’m still a CACert assurer in case you need your identity assured. This whole CACert shit has been working a lot better than anything the CA industry has come up with. I actually trust those nerds a little, I don’t trust the CAs in any way at all.
Update: The CACert auditing process seems to have stalled (?), so it looks like they won’t be included in major products for some time still. I still very much like the idea of a decentralized peer-to-peer CA, but it would mean I’d have to explain to my friends that accepting an “invalid” certificate is fine in my case, something I don’t want to do.
Yes, I know that is one of the root problems of the whole SSL architecture, but well. I gave in and spent some money with Comodo for a wildcard cert. I got it for around $60/year at CheapSSL, that’s an OK price, I think. The whole CA business is still broken, but here we are.
The correct fingerprints for psy-q.ch are now:
44 A5 29 62 23 33 B5 96 94 B1 A7 19 8A 5F AB B1 AB EF 73 79 38 B3 86 03 F1 6E AD 8C 05 5A 2A 2F 29 5C 43 69 31 1C 76 34 0F 3C 58 8E 00 17 DD 14 96 6F 6A 8A
Sorry for moving back and forth like that! I promise not to do that again unless something like Heartbleed happens again.