On 01/03/10 18:27 +0100, Cédric Krier wrote: > On 26/02/10 17:55 +0100, Cédric Krier wrote: > > Hi, > > > > This is a proposal to implement fingerprints check. > > It requires some userfriendly stuff like a clean popup windows that explain > > why the connection can not be established. > > > > Please review this at http://codereview.appspot.com/223066/show > >
We think we have understood the main issue about this. It is because people wants to achieve different goals (some are commons). - fingerprint: is to provide a simple solution to protect SMB company of MIM attack. By simple, I mean that doesn't imply any thing to configure and doesn't add anything to the GUI (which is already complicated) - CA check: is to provide a general solution for certificate validation by using existing tools that are more complicated and will not fit well in SMB (non-IT). My conclusion is that both solution can be implemented together. We just need to add validation with CA if a specific file exists. -- Cédric Krier B2CK SPRL Rue de Rotterdam, 4 4000 Liège Belgium Tel: +32 472 54 46 59 Email/Jabber: [email protected] Website: http://www.b2ck.com/
pgp9ZhLTkbnwa.pgp
Description: PGP signature
