[webkit-dev] Unverified cert

Nick Guenther Nick.Guenther at dossierview.com
Wed Jun 29 11:30:28 PDT 2011



>> From: webkit-dev-bounces at lists.webkit.org [mailto:webkit-dev-bounces at lists.webkit.org] On Behalf Of Alexey Proskuryakov
>> Sent: Wednesday, June 29, 2011 2:03 PM
>> To: Mossman, Paul (Paul)
>> Cc: webkit-dev at lists.webkit.org
>> Subject: Re: [webkit-dev] Unverified cert: Allow wss:// if user has accepted https:// warning? (WebKit Bug 41419)
>>
>> 5. As the only good use for invalid certificates is development, there should be an option in browser's Development menu to disable certificate checks, perhaps until browser restart or just in current window. We don't want users to make the decision whether an invalid certificate means that they are unsafe.

By "invalid" you mean "unverified" right? Yesterday I self-signed a certificate and installed it on a new jabber server, and then got it talking to gmail. Isn't that a good use for "invalid" certificates? I can see that the front of the web might be pickier, but don't shut out us indie operators!

-Nick Guenther


More information about the webkit-dev mailing list