You Aren't Yet Securely at DigitalCash.to
The Digital Cash Alliance is an advocacy group which promotes the development and use of anonymous, peer-to-peer digital cash. You have arrived at our standard web address, possibly by accident. It is vitally important that you connect to our web site securely. Accordingly, we have placed this landing page here to re-direct you to our secure site. Please click here to visit our secure site.
We encourage you to use HTTPS Everywhere from the Electronic Frontier Foundation to visit web sites securely if a secure connection is provided.
You are arriving at DigitalCash.to with an insecure connection. The nature of our work makes it essential that you only connect using a secure URL (https). There are links above and below to the secure site, or you can use the items in the menu stripe above.
We are excited about the Let's Encrypt initiative being sponsored by the Electronic Frontier Foundation (and others). This API will make it easy to use encryption (https) to access web sites such as ours, without complaints from browsers and without relying on blind trust in hundreds of faceless "Certificate Authorities," any of which may be compromised by government spy agencies. When this initiative went into beta test in the first part of November 2015, we entered the beta program. Until then, we used only a self-signed site certificate, as a protest against the deeply flawed CA authority system. Read on to learn more about our reasoning, or just click our secure site link.
What's going on, here?
Doesn't your browser alert you to non-CA-signed security certificates because they are supposed to be a hazard to your web browsing activities, and "no reputable company" would ever ask you to accept one?
One serious problem is that whenever a website uses a certificate signed by a Certificate Authority (CA), found in the browser's root certificate list, it becomes possible for government criminals to demand that CA, or any captive "official" CA, supply them with another apparently valid site certificate. They can use this substitute certificate to carry out a man-in-the-middle (MITM) attack in order to capture all of the traffic to that site without detection by either the visitors or even the site itself. You trust a central Certificate Authority at considerable risk to your privacy.
The Truth is the Opposite
Government criminals, such as the NSA and GCHQ and their counterparts around the world, are undoubtedly the most likely parties to spy on your activities online. (Because they routinely spy illegally on everybody, but especially when visiting a site about untraceable digital cash!) There are hundreds of CA companies worldwide, whose signing certificates are included in the root certificate bundles of web browsers. All it takes is a single one of these CAs to be on the take (or under secret orders such as a national security letter) for any "secure" site in the world to become vulnerable to undetected attack by government spy agencies. Do you know who all of those hundreds of CA companies are, really, or have any reason to trust them? Neither do we. They might as well all be anonymous. But trusting any of them requires trusting all of them. So your browser has it exactly backwards: the sites it will never complain about are precisely those you may not be able to trust.
My goodness that's scary! So, how do we protect ourselves? The best approach is by recording the key fingerprint of the certificate when you first visit the site. Then make sure that the key fingerprint does not change.
Our site's (digitalcash.to:443) SHA256 key fingerprint is:
You can view the fingerprint by connecting securely, then using right-click + View Page Info, and going to the Security tab, then viewing the certificate. If that seems like a lot of trouble, there are various plug-in extensions for various web browsers which help to automate this task for you. We recommend Certificate Patrol for Firefox.
No Digital Cash Funds Are Transferred Using Any Website
Please be advised that no funds in Voucher-Safe wallets are ever transferred using our website, nor using any other web site. Wallet user data is also never stored on our web site. The entire architecture of the Voucher-Safe system prevents us from having information on who controls which wallet, what funds are in which wallet, and uses encrypted data storage and data transfer that avoids the security-compromised browser.
The reason for our website's https security is simply to keep your browsing habits and any customer order details private. We value your privacy and insist on keeping your data secure.
So to visit DigitalCash, go to our real home page by using the link below.