public inbox for gentoo-dev@lists.gentoo.org
From: Rich Freeman <rich0@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Cc: Fabian Groffen <grobian@gentoo.org>
Subject: Re: [gentoo-dev] Bugzilla 4 migration
Date: Mon, 7 Mar 2011 16:52:23 -0500
Message-ID: <AANLkTi=4AARMVYWMhpfETG=eUnEszmfkQ0bZ5F+8fTsq@mail.gmail.com>
In-Reply-To: <20110307213255.GK4530@gentoo.org>

On Mon, Mar 7, 2011 at 4:32 PM, Fabian Groffen <grobian@gentoo.org> wrote:
> As an outsider, I don't like to accept another certificate thing, just to
> view a bugtracker.

When you think about it, this is a defect with your browser, and not
so much with SSL itself.

Your browser generally doesn't complain about unauthenticated
connections.  It accepts unauthenticated connections that aren't
encrypted without any issues, despite these being completely open to
numerous attacks.  However, your browser does complain when it makes
an unauthenticated connection that IS encrypted, even though this is
vulnerable to far fewer attacks.

Browsers shouldn't bug the user about self-signed certificates - they
should simply and clearly show that the user is connected to a host
that isn't authenticated by a trusted intermediate.

Oh, and browsers shouldn't come with root certs pre-installed by the
browser distributor either, but that is about as likely to get fixed
as the problem I just described.

In any case, I don't see poor browser design as a valid reason for
avoiding the use of SSL...

Rich


