On Wed, Mar 23, 2011 at 22:45, Robert Kaiser <KaiRo@kairo.at> wrote:
Andrew Joakimsen schrieb:
With Chromium, Safari, Internet Explorer, etc, if you visit a website with an "invalid security certificate" the bypass is 1 click.
Which is a security problem by itself. No user should be able to override the security certificate unless (s)he knows exactly that this breaks every security assumption and is very probably an attack if it happens on a high-volume site.
No, because all of the browsers that I cited (except Internet Explorer) that do SSL warnings the right way make the warning very clear it's something out of the ordinary. Please see the one from google-chrome at the URL below: http://i56.tinypic.com/69f6kn.jpg -- Med Vennlig Hilsen, A. Helge Joakimsen -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org