- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 9 Feb 2007 23:28:39 +0100
- To: "Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com>
- Cc: "public-wsc-wg@w3.org" <public-wsc-wg@w3.org>
On 2007-02-09 01:13:27 +0100, Yngve N. Pettersen (Developer Opera Software ASA) wrote: > If more than one warning is necessary the most severe is > identified by the dialog, and the rest are listed in a list in > the dialog. > These problems can be resolved for the rest of the session, but > unless they can be solved by installing certificates in the > database (or on the server) the warning will be display next time > Opera has been reset. Playing around a bit with Opera 9 here, it looks as if Opera keeps state about unsafe certificates visible when the user overrides; interestingly, it doesn't go the additional step of telling me "but you chose to accept this certificate." > The user can also specify a preference for a certificate in the > root store that makes Opera warn whenever a certificate is part > of a certificate's chain. This is the default whenever a > certificate is installed by downloading (but not when installing > from a unknown root dialog). Do you have any data whether people actually use that option? > "The signatures of this certificate could not be verified. While > this can be caused by the issuer using the wrong method to sign > the certificate, it can also be caused by attempts to modify or > fake the certificate." I take it that this is considered a fatal error that does not permit a user override? > The user can also, in addition to the certificate warning > preference mentioned above, specify that all access to sites > using a specific certificate in the root store is forbidden. This > will be indicated by a error specifying the certificate is valid > but access is forbidden. Once again, I'd be curious to learn to what extent that feature is actually in use. Do you have any data on that from your testing? -- Thomas Roessler, W3C <tlr@w3.org>
Received on Friday, 9 February 2007 22:27:16 UTC