Comments on: Firefox 3.1 SSL certificate warnings http://blog.verwilst.be/2008/12/12/firefox-31-ssl-certificate-warnings/ Linux, Open Source. That's pretty much it. Thu, 12 May 2011 05:23:33 +0000 hourly 1 http://wordpress.org/?v=3.1.4 By: Philip Paeps http://blog.verwilst.be/2008/12/12/firefox-31-ssl-certificate-warnings/comment-page-1/#comment-271 Philip Paeps Fri, 12 Dec 2008 20:58:28 +0000 http://blog.verwilst.be/?p=134#comment-271 Note, by the way, that OpenSSH has worked like this since the beginning of time. Note, by the way, that OpenSSH has worked like this since the beginning of time.

]]> By: Philip Paeps http://blog.verwilst.be/2008/12/12/firefox-31-ssl-certificate-warnings/comment-page-1/#comment-270 Philip Paeps Fri, 12 Dec 2008 20:57:45 +0000 http://blog.verwilst.be/?p=134#comment-270 I have complained at length about the idiocy in Mozilla regarding self-signed certificates. The basic problem is that Mozilla does not understand the difference between "trust" and "validity". Or perhaps they do, but the userfriendly police don't allow them to expose the distinction to the poor saps clicking away at the shiny buttons. The real solution is: pop up a box saying that the trustworthiness of the certificate cannot be determined because no root certificate could be found to assert it. Then ask the user to verify that the fingerprint of the certificate matches the fingerprint they received out-of-band from the owner of the certificate. This does not address the fundamental flaw in the equation of "CA signature" with "trustworthy", but unlike every other flailing attempt I've seen suggested, it would actually be a real step in the right direction. I have complained at length about the idiocy in Mozilla regarding self-signed certificates. The basic problem is that Mozilla does not understand the difference between “trust” and “validity”. Or perhaps they do, but the userfriendly police don’t allow them to expose the distinction to the poor saps clicking away at the shiny buttons.

The real solution is: pop up a box saying that the trustworthiness of the certificate cannot be determined because no root certificate could be found to assert it. Then ask the user to verify that the fingerprint of the certificate matches the fingerprint they received out-of-band from the owner of the certificate.

This does not address the fundamental flaw in the equation of “CA signature” with “trustworthy”, but unlike every other flailing attempt I’ve seen suggested, it would actually be a real step in the right direction.

]]>