(In reply to Gerhard from comment #20)
>
> Because the permanent security exception is always the worst solution.
>
This is certainly not true. With a permanent exception, you get trust on first use, which can be attacked on the first visit but not at subsequent ones. A temporary exception is vulnerable to MitM on every use, which is why I would even argue that temporary security exceptions are the worst, if you are going to accept it anyway at least once.

> Examples:
>
> 1. Public website has a certificate error because the certificate expired.
> Definitively no reason to give a permanent exception, because on the next day it could already work again.

I think this bug is not about expired certificates, this is specifically about the "new cert" warning, which is issued for self-signed / unknown certs from what I know.

Bug 1492498 Comment 21 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

(In reply to Gerhard from comment #20)
>
> Because the permanent security exception is always the worst solution.
>
This is certainly not true. With a permanent exception, you get trust on first use, which can be attacked on the first visit but not at subsequent ones. A temporary exception is vulnerable to MitM on every use, which is why I would even argue that temporary security exceptions are the worst, if you are going to accept it anyway at least once.

> Examples:
>
> 1. Public website has a certificate error because the certificate expired.
> Definitively no reason to give a permanent exception, because on the next day it could already work again.

I think this bug is not about expired certificates, this is specifically about the "new cert" warning, which is issued for self-signed / unknown certs from what I know.

Edit: Fwiw, not saying that there shouldn't be a checkbox to make it temporary or any kind of UI to do that, but it should *not* be the default.