Bug#586836: iceweasel: unknown server certificates should - if accepted - not be made permanent per default
Mike Hommey
mh at glandium.org
Fri Jun 25 08:47:30 UTC 2010
On Wed, Jun 23, 2010 at 12:10:06AM +0200, Christoph Anton Mitterer wrote:
> Package: iceweasel
> Version: 3.5.9-3
> Severity: wishlist
>
>
> Hi.
>
> May I, for security reasons, suggest that if a user gets the well known dialog when accessing an
> https-site, for which the certificate is not yet trusted somehow, the "Permanently store this
> exception" check box should be unchecked per default.
>
> One often access SSL sites, which cannot be "trusted" (at least from the Firefox point of view)
> but this is often no problem, as one does not intend to enter or rely on any secured information
> anyway.
>
> However, per default the checkbox "Permanently store this exception" in the exception-dialog is
> enabled, which I guess, is bad for security reasons (as it would be permanent).
I'm not entirely convinced... I'm even pretty sure a lot of people would
find this even more annoying than it currently is (where you already
have to go through 5 clicks to get access to the damn thing).
Mike
More information about the pkg-mozilla-maintainers
mailing list