Linked by Thom Holwerda on Fri 29th Aug 2008 13:23 UTC, submitted by irbis

Member since: 2005-07-06
My solution:
Two separate warnings:
1. Invalid or expired certificates: always bad... like the current behavior.
2. Self-signed or unknown certificate authorities: allow a simpler way to accept the cert on first visit to a site (with some explanation about how only encryption is enabled but no identity verification has been done), but keep track whenever a site's certificate has changed on subsequent visits and show a warning about man-in-the-middle attacks.
Easy!
Edited 2008-08-29 23:41 UTC
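
The two-warning scheme proposed in the comment above is a trust-on-first-use (TOFU) policy. The sketch below is an added example, not part of the original comment and not any browser's code; the function names, result strings, in-memory pin store and sample certificate bytes are all assumptions made for illustration.

```python
import hashlib
from datetime import datetime, timezone

def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, used as the remembered pin."""
    return hashlib.sha256(cert_der).hexdigest()

def evaluate(host, cert_der, not_before, not_after, ca_trusted, pins, now,
             user_accepts=False):
    """Return the decision for one connection.

    pins: dict mapping host -> fingerprint remembered from an earlier visit.
    ca_trusted: True if the chain validated to a known certificate authority.
    """
    # Warning 1: outside its validity period is always a hard failure.
    if not (not_before <= now <= not_after):
        return "block_invalid"
    # Chain validated to a known CA: identity is verified, no TOFU needed.
    if ca_trusted:
        return "ok_verified"
    fp = fingerprint(cert_der)
    pinned = pins.get(host)
    if pinned is None:
        # Warning 2, first visit: simple accept, explained as encryption only.
        if user_accepts:
            pins[host] = fp
            return "accepted_encryption_only"
        return "prompt_first_visit"
    if pinned == fp:
        return "ok_pinned"
    # Certificate differs from the one accepted earlier. Keep the old pin so
    # the warning repeats until the user deliberately re-trusts the site.
    return "warn_possible_mitm"

if __name__ == "__main__":
    # Constructed sample data: placeholder bytes stand in for real DER certs.
    utc = timezone.utc
    nb, na = datetime(2008, 1, 1, tzinfo=utc), datetime(2009, 1, 1, tzinfo=utc)
    now = datetime(2008, 8, 29, tzinfo=utc)
    store = {}
    for cert, accept in [(b"cert-A", True), (b"cert-A", False), (b"cert-B", False)]:
        print(evaluate("example.test", cert, nb, na, False, store, now, accept))
```

A pin store like this only detects a change after the first visit; an interception already in place on that first visit is accepted like any other self-signed certificate, which is why the first-visit prompt has to say that no identity verification was done.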