Bug#586836: iceweasel: unknown server certificates should - if accepted - not be made permanent per default

Mike Hommey mh at glandium.org
Sun Jun 27 09:56:15 UTC 2010


On Sat, Jun 26, 2010 at 12:47:14PM +0200, Christoph Anton Mitterer wrote:
> On Fri, 2010-06-25 at 10:47 +0200, Mike Hommey wrote:
> > I'm not entirely convinced... I'm even pretty sure a lot of people would
> > find this even more annoying than it currently is (where you already
> > have to go through 5 clicks to get access to the damn thing).
> Well you'd still get access to the site,... but only for this session
> and the certificate wouldn't be accepted permanently.
> 
> I know that the current handling is quite annoying,.. but I guess
> security should always go before usability :)

But you can be sure that people won't be thinking too much about what
they do if they have to do many steps to do what they want. IMHO, your
proposed change will only force users to end up checking the box without
thinking about it.

On the other hand, how often are you not going to trust a certificate
you trusted once?

Mike




