[webkit-dev] Unverified cert

Alexey Proskuryakov ap at webkit.org
Wed Jun 29 12:09:46 PDT 2011


On 29.06.2011, at 11:30, Nick Guenther wrote:

>>> 5. As the only good use for invalid certificates is development, there should be an option in browser's Development menu to disable certificate checks, perhaps until browser restart or just in current window. We don't want users to make the decision whether an invalid certificate means that they are unsafe.
> 
> By "invalid" you mean "unverified" right? Yesterday I self-signed a certificate and installed it on a new jabber server, and then got it talking to gmail. Isn't that a good use for "invalid" certificates? I can see that the front of the web might be pickier, but don't shut out us indie operators!


It appears that expired certificates should get the same treatment - if the user has already bypassed a confirmation dialog for https, there is no need to block wss.

And yes, I was talking about it in the context of web browsing. In fact, a better solution for development could be adding your local signing authority key to Keychain, but I wasn't sure if the request was about development or deployment.

- WBR, Alexey Proskuryakov


