[Project_owners] auto certificate acceptance
paul at roub.net
Tue Mar 27 04:40:05 PST 2007
> So, when I visit a https web site with a certificate, it asks for "do
> you want to accept certificate" or "do you want to accept certificate
> permanently", something along those lines....
> Is there a way to hook up into a mozilla service so that instead of
> popping that dialog, it automatically accepts the certificate?
> Maybe I would have to implement some sort service provider that is
> called to handle these dialogs, and I return back a value indicating
> "accept this certificate".
Forgive me if I'm stating the obvious, but...
*All* https web sites have certificates behind them. It's what
validates that the site you're viewing is the site it claims to be. The
pop-ups you see are for those times when the certificate:
Is signed by an unknown authority
Is for a different site
So either the site in question is mis-configured, or the certificate is
bad. In the case of, say, a banking site, that's very much worth knowing.
Your hypothetical extension is probably possible; it's also just the
thing to make Phishing work so much better than it does now.
More information about the Project_owners