True, but isn't the issue that a malformed cert including self signed certs are rejected? A self signed cert is not insecure, it's just less secure than a root signed cert, and only because a background check has been done against the cert owner. Otherwise a self signed cert is just as valid if you know you can trust it, as when connecting to you domain controller or copier for the first time on a LAN. After that, the cert theoretically cannot be spoofed.
Bob S On Oct 25, 2016, at 08:18 , Lyn Teyla <lyn.te...@gmail.com<mailto:lyn.te...@gmail.com>> wrote: Remember to leave it set to true for production, though. Otherwise, malicious parties could intercept data transmissions whilst presenting their own fake certificates, negating the whole point of encrypting data in transit. Lyn :) _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode