On 08.01.2009 23:35, Eddy Nigg wrote:
On 01/08/2009 11:44 PM, Ian G:
Well, what Firefox does is cert-exception-click-thru-ordeal; whereas
people are asking for key-continuity-management, with perhaps the
emphasis on the last word.
Well, is it than an endorsement for self-signed certs?
It's not an *endorsement*, but making it possible to use them without
fat warning and without risking CA-verfied sites with that. At least
that's one part.
Otherwise I can't see the difference between what's requested and what
already exists.
For me, the more important part is *continuity*. For me, it's important
that the key stays the same (or signs the new key) and I don't have to
re-establish trust relationships all the time (via CAs).
It feel rather annoyed if I'd have to confirm every new cert encountered.
Please read the bug before commenting, thanks.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
