29.06.2011, в 11:30, Nick Guenther написал(а): >>> 5. As the only good use for invalid certificates is development, there >>> should be an option in browser's Development menu to disable certificate >>> checks, perhaps until browser restart or just in current window. We don't >>> want users to make the decision whether an invalid certificate means that >>> they are unsafe. > > By "invalid" you mean "unverified" right? Yesterday I self-signed a > certificate and installed it on a new jabber server, and then got it talking > to gmail. Isn't that a good use for "invalid" certificates? I can see that > the front of the web might be pickier, but don't shut out us indie operators!
It appears that expired certificates should get the same treatment - if the user has already bypassed a confirmation dialog for https, there is no need to block wss. And yes, I was talking about it in the context of web browsing. In fact, a better solution for development could be adding your local signing authority key to Keychain, but I wasn't sure if the request was about development or deployment. - WBR, Alexey Proskuryakov _______________________________________________ webkit-dev mailing list [email protected] http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
