Closed
Bug 276461
Opened 20 years ago
Closed 20 years ago
Permanently accept SSL certificates for POP/IMAP mail
Categories
(SeaMonkey :: MailNews: Message Display, enhancement)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 255025
People
(Reporter: KlausRusch, Assigned: sspitzer)
Details
Attachments
(1 file)
|
10.82 KB,
image/gif
|
Details |
Screenshot
When accessing Web sites whose certificate is not valid for some reason
(expired, unknown certification authority, incorrect site name) an option is
given to accept the certificate once or permantently.
With secure POP/IMAP mail such an option is not available, the certificate can
only be accepted for a single session.
It would be desirable to have the same options as with Web site certificates to
the certificate once or permantently.
|
Reporter | |
Comment 1•20 years ago
|
||
|
||
Comment 2•20 years ago
|
||
For "unknown certification authority" you can accept the certificate
permanently, see Bug 221552 (this is broken atm). But this can be fixed by
importing the CA. For the other two reasons (incorrect site name, expired) i
think it is wanted that you can't accept this permanently, since a incorrect
site name should just not happen and the certificate should be fixed.
|
|
||
Comment 3•20 years ago
|
||
*** This bug has been marked as a duplicate of 219678 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
|
|
Reporter | |
Comment 4•20 years ago
|
||
> For the other two reasons (incorrect site name, expired) i
> think it is wanted that you can't accept this permanently, since a incorrect
> site name should just not happen and the certificate should be fixed.
A warning once is perfectly right, but then it should be deferred to the
responsibility of the browser user to decide whether or not the certificate
should be accepted, especially when getting the certificate fixed is beyond the
control of the browser users (most of the time).
Forcing the user to accept the warning every time increases the risk that users
will use the non-secure POP/IMAP ports instead, which is worse than knowingly
accepting a certificate whose name does not match (which does not do any harm to
the encryption of the communication).
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
|
|
||
Comment 5•20 years ago
|
||
This has been discussed before, see dupe. And don't reopen this bug.
*** This bug has been marked as a duplicate of 219678 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago → 20 years ago
Resolution: --- → DUPLICATE
|
|
||
Updated•20 years ago
|
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
|
|
||
Comment 6•20 years ago
|
||
*** This bug has been marked as a duplicate of 255025 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago → 20 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•