On Friday 10 April 2009 21:32:29 Stephen Frost wrote:
> Uh, no, the right fix is to have a warning/prompt (as pretty much all
> web browsers today do) but then continue to connect.
On that matter, it is interesting to observe where web browsers are heading
today.
It used to be that web browsers said, "Cannot verify server certificate.
Continue? [Yes] [No]" and everyone clicked yes.
The new firefox just says "invalid certificate" and nothing else, and then
somewhere below there is a small link to "Add an exception" and you need a
total of four clicks to proceed. So that looks a lot like that they are
moving away from easily allowing unverifyable server certificates as well.