[Users] gmail certs
Colin Leroy
colin at colino.net
Wed May 28 17:44:16 CEST 2014
On Wed, 28 May 2014 17:38:10 +0200, Andrej Kacian <andrej at kacian.sk>
wrote:
> > Now that we have proper certificate chain verification, I'm
> > starting to wonder whether we should accept correctly signed
> > certificates automatically.
>
> Please, if so, make this a (hidden) configurable option. Not everyone
> trusts CA signatures. :)
Yes, and a certificate changing when not close to expiring and with a
different signer, although valid technically, is suspicious.
That's why we left that warning. But this gmail thing is an annoyance.
--
Colin
More information about the Users
mailing list