Sudheer wrote:
Michael A. Peters wrote:
Sites (like mine) that don't want to pay a certificate authority can
use a self-signed cert. Even Red Hat does for some of their stuff (IE
I believe their bugzilla server)
Firefox scares its users when they encounter a website with self signed
certificate. If your website users aren't worried about the warning
Firefox throws at them, self signed cert works well.
Yeah it does, hopefully they fix it.
What scares me is allowing sites I have no reason to trust as non
malicious and have no reason to trust as properly secured against XSS
injection to load scripts that execute on my machine.
People who use Firefox may be scared by the absurd warning FireFox 3
uses (something I've complained about to them) - other than informing
users of the issue and hoping some read it, not much I can do about
that. Hopefully FireFox will fix the issue and do something like what
opera does (except the cert for session if you just click OK, accept it
permanently if you click the security tab and check a box first).
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
