Author: Tony Whitmore Date: To: Hampshire LUG Discussion List Subject: Re: [Hampshire]
home self signed ssl cert with multiple host names?
On Wed, 04 Feb 2009 08:24:50 +0000, Sean Gibbins <sean@???>
wrote: > I guess that way litigious types can't say that their savings were
> stolen by scammers and it's all Firefox's fault for not putting a dire
> warning up - hence the arse-covering comment in the earlier post.
The thinking as I understand it is that SSL certificates are relatively
cheap to obtain so any "legit" business would have forked out a few quid
for the necessary certificate. The scale of the warning is to combat the
people who just click "accept" on any dialogue box, including security
related ones. This is at the cost of usability of course, which is why this
feature caused such a stink during the FF3 beta phase.
BTW, there are at least three CACert assurers in the LUG if people are
interested in getting involved with CACert. The CACert root certificate is
included in Debian and Ubuntu (at least) but Firefox has its own cache of
trusted CAs and CACert is not included in that (yet). It is working to get
accepted however.
