This bug report should be taken seriously (security). Certificate verification is the fundamental of CA trust.
Without verification, CA trust can be established. This put users at risk of mitm attack. Elinks note about 'extensive configuration' should be ignored, since Debian has packaged ca-certificates, which can be used as CA trust anchor.
