Robert Relyea a écrit : > Ah... So in Firefox 2 you get a dialog that warns you the certificate > is bad? In Firefox 3 it prevents you from connecting? Yes, exactly.
> This is operating exactly as planned. both Firefox 2 and Firefox 3 > have rejected the certificate as bad since the certificate is > inherently untrusted. Firefox 2 rejects the certificate in a way that > many users doe not recognize 'rejecting the certificate'. We have > fixed this problem in Firefox 3. OK. > In general self-signed certificates are bad crypto hygiene. The are > basically only useful for a private user connecting to their own > webserver for testing. Firefox 3 does provide a way to eventually > trust *just that certificate*, but it's not obvious to users. I would > say that Firefox 3's new UI is a resounding success as it properly > identified your certificate as broken in a way that you would recognize. Thanks for these explainations. Best regards. -- Chris _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
