On 14/08/13 07:09, Mikko Rantalainen wrote:
> I'd say that such a bookmark would be highly probably safe, if that
> bookmark did include fingerprint for the site public key (*not CA key
> fingerprint*) and the browser did verify the fingerprint before
> entering the site.

Except that the bookmark would break with a scary warning whenever the site changed its key - i.e. once every two years. The "SSH model" of key continuity will not work for average users on the web.

Gerv
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security