[Gllug] Polipo - Was: Caching youtube videos
Richard Jones
rich at annexia.org
Mon Oct 6 10:46:04 UTC 2008
On Sat, Oct 04, 2008 at 01:17:00PM +0100, Stuart Children wrote:
> On Sat, Oct 04, 2008 at 09:34:14AM +0100, Richard Jones wrote:
> > The recent change to Firefox 3
> > where it now refuses to go to sites that have self-signed certificates
> > (but not sites which have no encryption at all) is thoroughly stupid.
> > Instead it should act like ssh -- show the key when you first visit a
> > site, show nothing on subsequent visits unless the key changes.
>
> FUD. It doesn't refuse those sites at all. This has been misreported a lot,
> and when I initially heard that my reaction was the same as yours.
No, I am correct. I've just tried this with the very latest Firefox.
On a site (https://lists.andrew.cmu.edu/mailman/listinfo/minirpc-devel)
with a self-signed cert I get this error:
Secure Connection Failed
lists.andrew.cmu.edu uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is not
trusted.
(Error code: sec_error_untrusted_issuer)
* This could be a problem with the server's configuration, or it could
be someone trying to impersonate the server.
* If you have connected to this server successfully in the past, the
error may be temporary, and you can try again later.
Accompanied by a "cop-style" logo which clearly indicates I have done
something very wrong and cannot go any further. At the very bottom of
this message, in the tiniest letters, a link says:
Or you can add an exception
Now, compare this to a page which is unencrypted. http://news.bbc.co.uk/
shows no error at all.
Rich.
--
Richard Jones
Red Hat
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list