On 05/21/2010 08:46 AM, From Kurt Seifried:
For you to claim that the browser should be able to determine the intent of a self signed and unknown certificate (i.e. is it legitimate, or a man in the middle) without any external help represents a failing is to show a pretty fundamental lack of understanding as to how this all works.
I could have saved myself a response - you've said that way better. -- Regards Signer: Eddy Nigg, StartCom Ltd. XMPP: [email protected] Blog: http://blog.startcom.org/ Twitter: http://twitter.com/eddy_nigg -- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
