Re: "Workstation" Product defaults to wide-open firewall

On 09.12.2014 at 19:13, Kevin Kofler wrote:
> Michael Catanzaro wrote:
>> The default for an invalid TLS certificate should be to fail, no
>> exceptions, since we know that a user clicking Yes is almost always
>> picking the wrong option.
>
> Nonsense (and this is one of the reasons I hate Firefox). The right answer
> for an "invalid" TLS certificate is almost always "Accept".

I disagree here

* unconditional accept is wrong
* too easy accept is dangerous
* it is not hard to accept a self-signed cert in FF

> Many sites
> cannot or do not want to afford a "valid" certificate from the CA cartel,
> and thus ship with self-signed certificates, or certificates by a non-cartel
> CA such as CAcert which we also don't trust. In addition, expiry dates are
> checked strictly (IMHO, they should be ignored entirely as they're just a
> ploy by the cartel to get you to pay regularly for renewal, or given at
> least a month of tolerance), so if the site forgot (or couldn't afford) to
> renew it on time, there too, "invalid" certificate. The draconian approach
> to TLS certificates only makes sites use unencrypted (and thus totally
> insecure) HTTP instead, which is absolutely counterproductive.

Until DANE is widely deployed, sadly that is not changing.
That the CA idea is broken by design is not new...

> Konqueror does what browsers have always done before this braindead Firefox
> decision: It asks the user. And that's much better than default deny in this
> case.

* Firefox asks too
* it is not hard to accept a self-signed cert
* BUT it is hard enough to defeat the "click OK somewhere" reflex


-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
