[Pidgin] #9971: Invalid Certificate Chain For Self-Signed Certs
Pidgin
trac at pidgin.im
Thu Aug 20 19:02:58 EDT 2009
#9971: Invalid Certificate Chain For Self-Signed Certs
---------------------------------------------+------------------------------
Reporter: rhpt | Owner: darkrain42
Type: defect | Status: closed
Milestone: | Component: XMPP
Version: 2.6.1 | Resolution: duplicate
Keywords: invalid certificate self signed |
---------------------------------------------+------------------------------
Comment(by Dymaxion):
So in cases where the administrative contact for a service is not
available to refresh the certificate, but a service is still providing a
useful function, users deserve to be annoyed, despite being completely
aware of the situation? This seems like an unnecessarily hostile attitude
to take toward your user base. Users, not the developers, deserve to be
allowed to make the choice of whether or not they wish to continue
assigning trust to a certificate. Ensuring that they're appropriately
informed of the situation is quite reasonable, but repeatedly doing so is
neither useful nor necessary. There is a reason that every major browser
and almost every other system which uses X.509 allows users to make these
trust assignments. The ability of users to make these assignments in a
hassle free manner, once informed, does not materially harm the security
of their users. Rather, by making SSL more inconvenient to use, you're
actively encouraging users not to use it.
--
Ticket URL: <http://developer.pidgin.im/ticket/9971#comment:9>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list