Frank Hecker wrote:Thunderbird works OK with this setup, but as you note there is no way for me to import the root CA certificate for my CA. Thus I have to rely on TB to present the initial cert warning dialog, and then tell it to accept the server certificate. After that everything seems to work OK.
So, how informed is the decision when you make it ? Can you view the cert details before accepting the cert and trusting it ? Or do you have to do it just blindly ?
The cert acceptance dialog presented in Thunderbird appears to be exactly the same dialog you'd see in Mozilla for connecting to an SSL-enabled web site with a certificate from an untrusted CA (even the dialog wording says "web site"); you can view the cert details and do everything else you can do in Mozilla.
It's often not a practical solution in multi-platform environment to rebuild all the clients with pre-loaded certs. I think the deployment cost is too high, and the corporations will just look elsewhere for apps that have a cert manager.
Well in any case I think this point may be moot, since based on Duane's comment Thunderbird (0.7x) does appear to have a cert manager.
Frank
-- Frank Hecker [EMAIL PROTECTED] _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
