- From: James Graham <james@hoppipolla.co.uk>
- Date: Mon, 13 Oct 2014 18:35:17 +0100
- To: public-test-infra@w3.org
On 13/10/14 18:20, Brad Hill wrote: > Why would we not just always require an https endpoint to be running > if we're going to automatically generate a test certificate, anyway? > Why put the burden on test authors to mark every test that requires > https? I had assumed that it wasn't a good idea because a) it requires people to have openssl installed to generate the CA and host cert/keys, b) actually trusting the cert only works well with wptrunner since you don't want to trust the fake CA into your real browser profile (or run your normal browser in a special don't-check-certs mode) c) we don't necessarily have a code path to install the CA cert in all browsers. If I am overestimating the importance of these, that would be great to know, because I agree that putting any burden on test authors here sucks.
Received on Monday, 13 October 2014 17:35:45 UTC