On 01/07/2016 01:54 PM, Michael Catanzaro wrote:
On Thu, 2016-01-07 at 10:04 -0430, Robert Marcano wrote:
As someone who wrote the original certificate manager implementation
[1]
when Epiphany was Gecko powered, It never was enabled. And
apparently
never ported to webkit.
If Web authors still think it is a seldom used feature, They never
had a
business bank account where you need to be able to manage the
certificates. Sometimes only for backing it up or installing it on
another machine.
[1] https://bugzilla.gnome.org/show_bug.cgi?id=119090
Hi Robert,
We've had several bugs about this, but at the end of the day I think
Epiphany is the wrong place for a certificate manager, because Epiphany
does not have its own trust store like Firefox/NSS does -- it instead
uses the system trust. Like Bastien mentions, we have a separate
application, Seahorse, which exists to manage certificates systemwide.
I think we should focus on improving Seahorse instead. Daiki Ueno from
Red Hat has been working on this.
For discussions about if Web is ready or not to replace Firefox, it
doesn't matter to much if the implementation is on Web or a lower layer,
only if the user can do it. The question if this is a needed feature is
another thing to discuss.
Another features missing that I remember from using it for testing:
- No UI (yet) to add new search engines.
- UI option for not automatically restore previous open tabs, this
default is annoying for me
- (Desired) Import bookmarks from Firefox. There is an import menu
option but it should be able to detect the Firefox profile by default,
with no need to install Firefox, export and then import. Migration
should be easy
Seahorse has a certificate import feature, but I believe it's currently
broken; in the meantime, you have to open a terminal and use the
'trust' command.
I'm not opposed to adding a certificate manager in Epiphany if someone
else wants to work on it, but we should meet with the GNOME designers
and the safety team to figure out the proper division of responsibility
between Epiphany and Seahorse. Maybe a compromise solution would be a
Certificate Manager menu item that just launches Seahorse. We're
certainly open to brainstorming about this.
On a somewhat unrelated note, I think Epiphany current certificate
dialog (which does not allow management, but displays the certificate
used on the current page) could stand to be improved. Currently it is
excellent at showing the server's certificate, but it ought to be able
to show the entire chain. This is not something most users care about,
so I think it's not a big problem, but I get tired of switching to the
command line to investigate certificate issues.
Michael
P.S. Thanks for your contributions to Epiphany!
--
desktop mailing list
desktop@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/lists/desktop@xxxxxxxxxxxxxxxxxxxxxxx
--
desktop mailing list
desktop@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/lists/desktop@xxxxxxxxxxxxxxxxxxxxxxx
