Re: Web of Trust (a revolution)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Mar 30, 2009 at 09:50:20 -0700,
  Craig White <craigwhite@xxxxxxxxxxx> wrote:
> I'm not sure that I agree with you at all but your being vague. If I
> assume that you are talking about the way Firefox handles untrusted
> certificates with their alert and requires you to 'get the certificate'
> and accept & store or merely temporarily accept, then I disagree...I
> very much like the way they are handling untrusted certificates. By
> contrast, the way most portable devices such as iPhones, Blackberries,
> etc. handle untrusted certificates glosses over these details to the
> point of scary.

Because you have to jump through hoops if all you want is protection from
passiv eavesdropping and not assurance that I am connected to the correct
web site. (And even the roots CAs don't provide that. They provide assurance
about the connection matching the domain name, which isn't really the
same thing.)

> I'm not sure at all what you are accomplishing by removing the normally
> trusted root certificates.

If I return to a site I notice whether or not the certificate has changed.
The UI still sucks for this, since it wasn't designed to be used this way.

I have no special trust relationship with any of the organizations that
have their certs included in firefox, and they don't certify what I really
want to know, so they just get in the way.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux