=== L3top_ is now known as L3top
[15:32] <MonsterKiller> Hey, using the Encyclopedia, have a factoid i want to set but when i set it, it says it already means something. if i do "no X is Y" it says the factoid isnt known to it yet
[15:33] <MonsterKiller> if i try to make it forget it, it says it doesnt exist yet
[15:33] <MonsterKiller> :/
[16:39] <_d4vid> bazhang, there?
[16:40] <_d4vid> bazhang, iam wait about 4 days to -q me .. nothing happens
[16:40] <_d4vid> bazhang, i can not send messages to channel
[16:40] <_d4vid> bazhang, i mean #ubuntu-ru
[17:58] <jpds> MonsterKiller: 'unforget' it and try changing it again.
[17:59] <MonsterKiller> ah. ty
[17:59] <MonsterKiller> :)
[21:12] <Fuchs> pangolin: looking good
[21:13] <pangolin> thank you for your help
[21:13] <Fuchs> pangolin: I'd still recommend using SSL though
[21:14] <pangolin> how do i go about doing that?
[21:15] <Fuchs> Xchat it was?
[21:15] <pangolin> yup
[21:16] <Fuchs> I think it has a setting in the server configuration dialog. Are you directly connecting to freenode, or do you have a bouncer or such?
[21:16] <pangolin> direct
[21:16] <Fuchs> then there should be a checkbox in the server dialogue
[21:18] <pangolin> I need to check the Accept invalid cert box also right?
[21:18] <Fuchs> I sure hope our certs are valid :)
[21:19] <Fuchs> but yes, depending on what system certs you have, why not.
[21:19] <EvilResistance> the certs are valid, but yoiu need the root certs
[21:19] <EvilResistance> on ubuntu, the root certs for freenode arent included for the cert authority
[21:19] <EvilResistance> but the certs are indeed valid
[21:20] <EvilResistance> in XChat, you need to put the SSL port in place of 6667.
[21:20] <EvilResistance> then say "Connect to server via SSL"
[21:20] <EvilResistance> and of course, tell it to ignore cert errors and what not
[21:20] <pangolin> heh
[21:21] <EvilResistance> for me, i just connect to my ZNC, doesnt matter if i use SSL or not, since the ZNC is connected to freenode with SSL :p
[21:21] <EvilResistance> but that's me :P
[21:21] <Fuchs> same for me, but SSL on both lines
[21:22] <EvilResistance> indeed
[21:22] <EvilResistance> same for me, too, but my phone doesnt like SSL for some reason
[21:22] <EvilResistance> so...
[21:22] <EvilResistance> for that only, i use non=SSL
[21:22] <EvilResistance> but its rare i dont have my laptop, so :p
[21:24] <Fuchs> pangolin: perfect now :)
[21:25] <pangolin> weeeeeeeeeeeeeeeee
[21:25] <pangolin> thanks again for the help Fuchs and you too EvilResistance
[21:25] <EvilResistance> pangolin, yep
[21:25] <JanC> ignoring SSL cert errors is bad  ;)
[21:26] <EvilResistance> JanC, the alternative is updating the ca-certificates package with additional root certificates
[21:26] <pangolin> I chose not to accept invalid certs
[21:26] <EvilResistance> pangolin, you might run inot the random "I will randomly return an invalid cert" error, that is common with FreeNode
[21:26] <EvilResistance> granted, it happens mor eoften with Windows, but it does occasionally happen on Ubuntu / Linux
[21:26] <JanC> EvilResistance: you can also install a cert manually (after checking it is legit, of course)
[21:27] <EvilResistance> JanC, indeed, but the ca-certificates package is missing key CA certs
[21:27] <EvilResistance> i had to manually install the CA root certs for a legit SSL certification company
[21:27] <JanC> to be honest, I think that package includes lots of non-legit CA keys  :P
[21:28] <EvilResistance> :P
[21:28] <JanC> most CA companies are a fraud
[21:28] <EvilResistance> VeriSign is a fraud?
[21:28] <Fuchs> pangolin: you're welcome
[21:28] <JanC> yes
[21:28] <EvilResistance> startcom ssl is a fraud?
[21:28] <Fuchs> thanks for flying freenode, here is a bag of peanuts *hands*
[21:28] <pangolin> salted?
[21:28] <JanC> I got a VeriSign SSL cert for a not yet existing company once, so I don't trust them  :P
[21:29] <EvilResistance> JanC, then take your prejudice out of here, VeriSign is a legit company.
[21:29] <Fuchs> pangolin: no, due to legal actions from former passengers. But here is a small bag of salt, for your convenience *hands*
[21:29]  * EvilResistance takes the unsalted peanuts
[21:29] <JanC> "please fax the request on a letter with your company logo"
[21:29] <EvilResistance> pangolin, i got a box of bags of salted, roasted peanuts.  here you go, have them all
[21:30] <pangolin> much appreciated
[21:30] <JanC> EvilResistance: Verisign has managed to sell Microsoft certs to a third party at least once...  :P
[21:30] <JanC> seriously, they are NOT legit
[21:30] <EvilResistance> JanC, idc?
[21:31] <EvilResistance> i dont use VeriSign anyways
[21:31] <JanC> many CA are sub-CA of VeriSign
[21:32]  * Fuchs looks at the discussion and sneaks away, whistling innocently
[21:32] <JanC> personally I prefer a private CA and an out-of-band way to check fingerprints on it
[21:32] <JanC> or even a self-signed cert
[21:32]  * EvilResistance pulls Fuchs back here using a graviton beam
[21:32] <EvilResistance> JanC, StartSSL doesnt use VeriSign
[21:32] <EvilResistance> they're their own :p;
[21:32]  * Fuchs bites and walks away again
[21:33] <JanC> EvilResistance: but how well do they check SSL cert applications?
[21:33] <EvilResistance> JanC, there's three levels of certs:
[21:33] <EvilResistance> domain only without individual verification
[21:33] <EvilResistance> individual/owner verification (requires actual personal info)
[21:34] <EvilResistance> and then full verification whcih includes business verification with tax records informations
[21:34] <JanC> that doesn't give me a lot of confidence...  ;)
[21:34] <EvilResistance> and you have to pay for the verification fo rhte first and second
[21:34] <JanC> only the last one is maybe legit
[21:34] <EvilResistance> the first one is free, but doesnt actually do anything
[21:34] <EvilResistance> (the actual personal info needed includes IRS tax records if you're in the USA, as well as background checks)
[21:34] <JanC> EvilResistance: but the first one will be accepted as legit by browsers etc.
[21:35] <EvilResistance> you know, why yhe hell am I arguing this...
[21:35] <EvilResistance> you want to not trust SSL, finbe
[21:35] <EvilResistance> dont drag people into this argument though
[21:35] <JanC> I trust the basics of SSL, I do not trust most CA