On May 21, 1:46 am, Kurt Seifried <k...@seifried.org> wrote: > m...@mattmccutchen.net wrote: > > I'm not claiming that the user knows. I only said that if there is in > > fact no impersonation, then the error is a false positive. [...] > For you to claim that the browser should be able to determine the > intent of a self signed and unknown certificate (i.e. is it > legitimate, or a man in the middle) without any external help > represents a failing is to show a pretty fundamental lack of > understanding as to how this all works.
Once again, I make no such claim. I said that if there is in fact no impersonation, then the error is a false positive. Of course the browser cannot determine that. -- Matt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
