[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-help-public] missing SSL cert from savannah site
|
From: |
Yavor Doganov |
|
Subject: |
Re: [Savannah-help-public] missing SSL cert from savannah site |
|
Date: |
Fri, 16 Oct 2009 20:05:19 +0300 |
|
User-agent: |
Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (Gojō) APEL/10.7 Emacs/23.1 (i486-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) |
Sylvain Beucler wrote:
> Mozilla follows money-based audit.
Right, and because of this, they decided to make certificate errors in
xulrunner 1.9 fatal (i.e. Firefox 3.x). The user has to jump through
hoops to make the browser believe the certificate is valid, thus
finally allowing access to the site.
The Debian maintainer has found this behaviour annoying enough to
forward-port the NSIBadCertListener interface from xulrunner 1.8 to
1.9.x, so this is less of a problem for Debian users (unfortunatley
not for gNewSense users, as Ubuntu's xulrunner package doesn't have
this patch.).
More importantly, I fail to see what the problem is, really. If the
user is clueless enough and doesn't understand how to validate a
certificate, what good it does if we choose a certificate that is
included in a (popular) particular program?
The "learning about GNU" issue is non-existent, since all www.gnu.org
contents is available via HTTP.
> I don't know about other Savannah hackers, but if that happened I'd
> certainly have better things to do.
Not that I count as Savannah hacker, but I think that what we do
currently is quite sane.
- Re: [Savannah-help-public] missing SSL cert from savannah site, Jon, 2009/10/12
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/13
- Re: [Savannah-help-public] missing SSL cert from savannah site, Sylvain Beucler, 2009/10/15
- Re: [Savannah-help-public] missing SSL cert from savannah site, Jon, 2009/10/15
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Sylvain Beucler, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Matt Lee, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Sylvain Beucler, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site,
Yavor Doganov <=
- Re: [Savannah-help-public] missing SSL cert from savannah site, Matt Lee, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Yavor Doganov, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Matt Lee, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Yavor Doganov, 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/17
- Re: [Savannah-help-public] missing SSL cert from savannah site, Jonathan Gonzalez V., 2009/10/16
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/17
- Re: [Savannah-help-public] missing SSL cert from savannah site, Yavor Doganov, 2009/10/17
- Re: [Savannah-help-public] missing SSL cert from savannah site, Richard Stallman, 2009/10/18
- Re: [Savannah-help-public] missing SSL cert from savannah site, Sylvain Beucler, 2009/10/19