[Users] [Bug 3660] SSL Cert change shown on previously accepted certificates.
blind Pete
peter_s_d at fastmail.com.au
Thu Jul 14 06:05:22 CEST 2016
On Tue, 12 Jul 2016 15:55:19 +0000
noreply at thewildbeast.co.uk wrote:
> http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3660
>
> Andrej Kacian <andrej at kacian.sk> changed:
>
> What |Removed |Added
> ----------------------------------------------------------------------------
> Status|NEW |RESOLVED
> Resolution|--- |INVALID
>
> --- Comment #1 from Andrej Kacian <andrej at kacian.sk> ---
> See "unsafe_ssl_certs" hidden preference at
> http://www.claws-mail.org/manual/claws-mail-manual.html#adv_hidden
>
I am not the original poster, and am an amateur with regard to SSL
certificates. Please feel free to shout at me - if you think that I
deserve it.
First, I am guessing that the mailing list is the place for this,
rather than adding to the bug report.
You have lost me. There might be two different problems confusing
things. Problem one is that there are such things as SSL certificates
for URLs that have wild cards in them. AIUI these are dangerous and
facilitate phishing scams. Problem two is that there can be multiple
valid certificates for a single non-wildcarded URL, either issued by
different authorities or even the same authority. To the best of my
understanding this situation offers no security risk, just an
inconvenience.
Are you referring to,
skip_ssl_cert_check
Disables the verification of SSL certificates when set
to '1'. Default value is '0'.
or to,
unsafe_ssl_certs
Allows Claws Mail to remember multiple SSL certificates
for a given server/port when set to '1'. This is disabled
by default ('0').
The name "unsafe_ssl_certs" suggests that it refers to SSL certs for
wildcarded URLs (problem one), but the text describes problem two,
which in my limited understanding is a non-problem.
Can anyone please offer enlightenment?
--
testing
bP
More information about the Users
mailing list