Self-signed certificates and Firefox 3 - a possible solution

Posted by scrubs on Aug 10, 2008 2:31 AM
By Free Software Magazine
Mail this story
Web version

Some websites need to handle data securely and assure the end-user they are a) secure and b) who they say they are. The traditional way to achieve these is via Secure Socket Layer. Firefox 3 changed what happens when a self-signed SSL certificate is encountered. It’s a change which has caused some concern and much discussion. Should we only trust certificates signed by third parties? Are there cases where using a self-signed certificate is valid? Should users be informed or warned and how strong should the language of that notification be? Is it possible a simple solution is already available but has been overlooked in all the flan-flinging? I think so. If you've ever been confused about browser security, Ryan Cartwright explains the issues. Read the full story at Freesoftware Magazine.

Full Story

Printed at http://lxer.com/module/newswire/view/106831/index.html