[Users] [Bulk] [Bug 2738] Erroneous rotation of SSL certificates

[Kevin Chadwick]

> Accepting and saving multiple certificates for a single host is less safe in
> the following way (quoting ratinox at gweep.net on the ML):

Conversely though there is no difference between accepting three
previously accepted certificates as accepting one as long as the same
checks have occurred and it is not silent, as going back to an old
certificate could be a problem but as long as the user is made aware
perhaps with when it was last seen, it shouldn't be. 

The users job could be made easier or the user just made more aware as
manually accomplishing checking if the cert was previously accepted is
easy when understood. Estimating the risks of going back to an expiring
certificate is obviously more difficult but likely far less risky or
the risk perhaps already taken than a completely new certificate,
atleast if checking ability is limited.

p.s. When this happened on yahoo I switched to US servers for a week. I
understood the cert was being upgraded eventually but didn't understand
fully, why it happened or why claws behaved differently at the time.

Now hurry up world and give us a trusted limited yet redundant core
infrastructure, dns or not considering the state of that perhaps double
checked with a web of trust that server admins can check is correct or
that can ask our servers for before protecting with it's bundled key so
we can all drop CAs.

-- 
_______________________________________________________________________

'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)
_______________________________________________________________________