[Epiphany] Re: [Galeon-devel] Re: [Galeon/Epiphany certificatealerts]

From: Crispin Flowerday <gnome flowerday cx>
To: Eivind Tagseth <eivindt multinet no>
Cc: epiphany mozdev org, galeon-devel lists sourceforge net
Subject: [Epiphany] Re: [Galeon-devel] Re: [Galeon/Epiphany certificatealerts]
Date: Wed, 03 Sep 2003 20:38:24 +0100

On Wed, 2003-09-03 at 19:55, Eivind Tagseth wrote:
> * Crispin Flowerday <gnome@flowerday.cx> [030903 18:36]:
> 
> > Dialog 1:
> > 
> > "Accept incorrect security information?"   
> > 
> > The site "ftp.openssl.org" returned security information for
> > "www.openssl.org". It is possible that someone is intercepting 
> > your communication to obtain your confidential information.
> > 
> > "You should only accept the security information if you trust
> > "ftp.openssl.org".
> > 
> > [ View Certificate ] [ Cancel ] [ Accept ]
> 
> I'm not 100% sure in what situations this dialog pops up.  Will this dialog
> pop up if I try to connect to www.internetbank.com but the certificate is for
> www.stealmymoney.com?  In that case it doesn't matter much if I trust
> www.internetbank.com or not.

Yep, looking at that text again, I think it should say the name returned
in the certificate, not the name the user connected to.

Thanks for pointing that out

Crispin

References:
- [Epiphany] Re: [Galeon/Epiphany certificate alerts]
  - From: Crispin Flowerday

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]