Self-signed certificates and Firefox 3 - a possible solution

Posted by scrubs on Aug 10, 2008 4:31 AM EDT
Free Software Magazine; By Ryan Cartwright
Mail this story
Print this story

Some websites need to handle data securely and assure the end-user they are a) secure and b) who they say they are. The traditional way to achieve these is via Secure Socket Layer. Firefox 3 changed what happens when a self-signed SSL certificate is encountered. It’s a change which has caused some concern and much discussion. Should we only trust certificates signed by third parties? Are there cases where using a self-signed certificate is valid? Should users be informed or warned and how strong should the language of that notification be? Is it possible a simple solution is already available but has been overlooked in all the flan-flinging? I think so. If you've ever been confused about browser security, Ryan Cartwright explains the issues. Read the full story at Freesoftware Magazine.

Full Story

» Read more about: Story Type: Security; Groups: Linux

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.