On Thu, 2016-01-07 at 10:04 -0430, Robert Marcano wrote: > As someone who wrote the original certificate manager implementation > [1] > when Epiphany was Gecko powered, It never was enabled. And > apparently > never ported to webkit. > > If Web authors still think it is a seldom used feature, They never > had a > business bank account where you need to be able to manage the > certificates. Sometimes only for backing it up or installing it on > another machine. > > [1] https://bugzilla.gnome.org/show_bug.cgi?id=119090 Hi Robert, We've had several bugs about this, but at the end of the day I think Epiphany is the wrong place for a certificate manager, because Epiphany does not have its own trust store like Firefox/NSS does -- it instead uses the system trust. Like Bastien mentions, we have a separate application, Seahorse, which exists to manage certificates systemwide. I think we should focus on improving Seahorse instead. Daiki Ueno from Red Hat has been working on this. Seahorse has a certificate import feature, but I believe it's currently broken; in the meantime, you have to open a terminal and use the 'trust' command. I'm not opposed to adding a certificate manager in Epiphany if someone else wants to work on it, but we should meet with the GNOME designers and the safety team to figure out the proper division of responsibility between Epiphany and Seahorse. Maybe a compromise solution would be a Certificate Manager menu item that just launches Seahorse. We're certainly open to brainstorming about this. On a somewhat unrelated note, I think Epiphany current certificate dialog (which does not allow management, but displays the certificate used on the current page) could stand to be improved. Currently it is excellent at showing the server's certificate, but it ought to be able to show the entire chain. This is not something most users care about, so I think it's not a big problem, but I get tired of switching to the command line to investigate certificate issues. Michael P.S. Thanks for your contributions to Epiphany! -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/desktop@xxxxxxxxxxxxxxxxxxxxxxx
