Ian G wrote, On 2008-10-19 05:09:
> Ian G wrote:
>> Nelson B Bolyard wrote:
>>> KCM would not have helped.
>>
>> I agree, KCM would not have helped.  In both cases, the warnings are
>> delivered, and the user is given the responsibility for the overrides.
> 
> I was thinking about this, and actually, KCM would have helped here.

No, it couldn't have.  In fact, it could have been hurtful.

> If you look at the two cert viewers side by side, then there is a
> clear difference:
> 
>   https://bugzilla.mozilla.org/attachment.cgi?id=343662
>   https://bugzilla.mozilla.org/attachment.cgi?id=343663
> 
> Now, this info and the difference is available to the browser, which
> is operating in KCM mode.  It would be an easy thing to display the two
> certs, and the differences highlighted, perhaps in red or somesuch.

This was a brand new installation.  Formatted hard drive, reinstalled OS,
installed browser.  FIRST contact with every https site produced the
self-signed cert warning.  There simply were no other certs with which
to compare.  KCM would have accepted those certs without any complaint.

THEN, later, if and when she came upon the REAL server certs from the
real server, KCM would have warned her away!  It would have said
"Wait, don't trust this new cert!"

And don't forget the Debian key generator.  It showed us that a serious
flaw in KCM is the complete lack of any revocation mechanism.

I want to drive a stake through the heart of something, too.
Can you guess what it is?
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
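
The first-contact case argued in the message above, as an added example that is not part of the original post or of any browser's code: a minimal key-continuity (trust-on-first-use) store replayed over two visit histories. The certificate byte strings and the hostname are constructed stand-ins, and the class and function names are hypothetical.

```python
import hashlib
from dataclasses import dataclass, field

def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of the presented certificate bytes."""
    return hashlib.sha256(cert_der).hexdigest()

@dataclass
class KcmStore:
    """Key-continuity store: remembers the first cert seen per host."""
    pins: dict = field(default_factory=dict)

    def observe(self, host: str, cert_der: bytes) -> str:
        fp = fingerprint(cert_der)
        pinned = self.pins.get(host)
        if pinned is None:
            # Nothing to compare against: continuity cannot judge first contact.
            self.pins[host] = fp
            return "accepted-first-contact"
        if pinned == fp:
            return "accepted-match"
        # Continuity broke; the store cannot tell which side is genuine.
        return "warn-changed"

# Constructed stand-ins for DER certificates (not real certificates).
MITM_SELF_SIGNED = b"constructed: self-signed cert presented by interceptor"
REAL_SERVER_CERT = b"constructed: CA-issued cert of the real server"
HOST = "bank.example"  # hypothetical hostname

def fresh_install_behind_interceptor():
    """Fresh profile whose first contact with HOST is intercepted."""
    store = KcmStore()
    return [
        store.observe(HOST, MITM_SELF_SIGNED),  # first visit, intercepted
        store.observe(HOST, MITM_SELF_SIGNED),  # still intercepted
        store.observe(HOST, REAL_SERVER_CERT),  # interception ends
    ]

def clean_history_then_interceptor():
    """Profile that pinned the real cert before interception began."""
    store = KcmStore()
    return [
        store.observe(HOST, REAL_SERVER_CERT),
        store.observe(HOST, MITM_SELF_SIGNED),
    ]

if __name__ == "__main__":
    print(fresh_install_behind_interceptor())
    print(clean_history_then_interceptor())
```

The store has no operation for withdrawing a pin on a key later found to be compromised, which is the revocation gap the message raises.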
