Bug#586836: iceweasel: unknown server certificates should - if accepted - not be made permanent per default
Christoph Anton Mitterer
calestyo at scientia.net
Sun Jun 27 11:50:04 UTC 2010
On Sun, 2010-06-27 at 11:56 +0200, Mike Hommey wrote:
> But you can be sure that people won't be thinking too much about what
> they do if they have to do many steps to do what they want. IMHO, your
> proposed change will only force user to end up checking the box without
> thinking about it.
Well ok,.. it's your decision :) ... was just a proposal for IMHO a bit
more security.
Best thing would perhaps be if that's configurable or so...
> On the other hand, how often are you not going to trust a certificate
> you trusted once?
I personally, do it always like that and accept that just temporarily.
If I want it permanently, I usually try to get the root-cert in a secure
way ;)
Best wishes,
Chris.
More information about the pkg-mozilla-maintainers
mailing list