On 2016-01-04 12:48 PM, Eric Rescorla wrote:
On Mon, Jan 4, 2016 at 9:47 AM, Mike Hoye <mh...@mozilla.com
<mailto:mh...@mozilla.com>> wrote:
On 2016-01-04 12:31 PM, Bobby Holley wrote:
By "this sort of software" do you mean "Firefox"? Because
that's what 95% of our users experiencing this are going to do
absent anything clever on our end. We clearly need to
determine the scale of the problem to determine how much time
it's worth investing into this. But I think we should assume
that an affected user is a lost use in this case
Is consumer-grade home networking gear on our radar here? Many,
many home APs will self-generate SHA-1 certificates on their first
boot after a reset.
The certificates from those devices aren't valid in any case, because
they do not chain to a trust anchor.
I'm really asking about the user experience. If it's the same "add an
exception and proceed" process, that's not great, but we're no worse off
and my concerns are unfounded.
- mhoye
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform