Firefox SSL-certificate debate gets gnarly

Slashdot

Firefox SSL-certificate debate gets gnarly -> 1

Submitted by BobB-nw on Thursday August 21 2008, @05:47PM

BobB-nw writes "Debate is reaching a fever pitch over a new security feature in Firefox 3.0 that throws out a warning page to users when a Web site's SSL certificate is expired or has not been issued by a trusted third party. Critics say that Firefox 3.0 is putting undue fear and confusion into everyday Web surfers, makes it difficult to set exceptions for certain Web sites, and is forcing Web site operators to do business with specific vendors of SSL certificates or risk the appearance that their Web sites are broken."
Link to Original Source

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Firefox SSL-certificate debate gets gnarly

Load All Comments

Search 1 Comments Log In/Create an Account

Comments Filter:

Firefox Extension for self-signed/expired certs (Score:1)

by danwent (667893) writes:

Check out: http://www.cs.cmu.edu/~perspectives/ [cmu.edu] This is a research project at Carnegie Mellon. The idea is that "network notary" servers scattered across the Internet uses network probing to build a history of keys uses by a server. When a client receives a self-signed/expired cert, it can compare with the certs seen by the network notaries and see if that key is value, or the result of a man-in-the-middle attack.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Baseball is a skilled game. It's America's game - it, and high taxes. -- The Best of Will Rogers

Firefox SSL-certificate debate gets gnarly More Login

Firefox SSL-certificate debate gets gnarly

Firefox Extension for self-signed/expired certs (Score:1)