[Users] gmail certs

Colin Leroy colin at colino.net
Wed May 28 17:44:16 CEST 2014


On Wed, 28 May 2014 17:38:10 +0200, Andrej Kacian <andrej at kacian.sk>
wrote:

> > Now that we have proper certificate chain verification, I'm
> > starting to wonder whether we should accept correctly signed
> > certificates automatically.  
> 
> Please, if so, make this a (hidden) configurable option. Not everyone
> trusts CA signatures. :)

Yes, and a certificate changing when not close to expiring and with a
different signer, although valid technically, is suspicious. 

That's why we left that warning. But this gmail thing is an annoyance.

-- 
Colin



More information about the Users mailing list