Quick Firefox question here from one of your non-developer users: Say I try to connect to a site over HTTPS, but I am presented with a "This Connection is Untrusted" dialogue due to an invalid certificate (self-signed, non-matching, etc.) If I make a permanent security exception, does that exception only apply to that particular certificate, or am I implicitly choosing to always connect to that site regardless of what invalid certificate is provided?
What I'm getting at: Obviously when I make a security exception I am taking a risk on that connection being a MitM. But am I also opening myself up to future MitM attacks, if a new certificate was to be provided later? -- frigidcode.com indicium.us
signature.asc
Description: OpenPGP digital signature
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
