On 13/10/14 18:20, Brad Hill wrote: > Why would we not just always require an https endpoint to be running > if we're going to automatically generate a test certificate, anyway? > Why put the burden on test authors to mark every test that requires > https? I had assumed that it wasn't a good idea because a) it requires people to have openssl installed to generate the CA and host cert/keys, b) actually trusting the cert only works well with wptrunner since you don't want to trust the fake CA into your real browser profile (or run your normal browser in a special don't-check-certs mode) c) we don't necessarily have a code path to install the CA cert in all browsers. If I am overestimating the importance of these, that would be great to know, because I agree that putting any burden on test authors here sucks.Received on Monday, 13 October 2014 17:35:45 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:34:11 UTC