Dotan Cohen wrote:
Have you seen the fit Firefox 3 makes for self-signed certs? So far as
the end user is concerned, the site is inaccesible.
Yes I have.
That's why on my site I have an instruction page - and a demonstration
of how Opera does it, which is just as secure and less of a PITA, and a
suggestion that users go ahead and try Opera - something I never did
before FF messed up the self signed SSL process.
The FF3 really bugged me -
1) The purpose of SSL is to provide public/private key encryption.
2) The purpose of signing is so that they know you are really you on
future visits.
3) The purpose of certificate authorities is so that they know you are
you on the first visit.
Many web sites benefit from the first two without needing the complexity
of the third, a concept FireFox seems to have lost.
I don't need the paperwork hassle etc. for the few sites I run - I just
need a way for a user to authenticate so I can give 'em a session
cookie, no sensitive data is ever collected. Ah well.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
