Re: [dev] [surf] badssl.com

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Markus Teich <markus.teich_AT_stusta.mhn.de>
Date: Thu, 13 Oct 2016 14:59:50 +0200

Alexander Keller wrote:
> If the alternative is too much, perhaps changing
> strictssl = FALSE \* Refuse untrusted SSL connections *\
> to
> strictssl = FALSE \* Validate SSL certificates from server *\
> would help better inform what it does. My initial understanding when I
> used surf was that this would simply deny me the option of bypassing SSL
> errors. Not silently ignore them.

Heyho Alexander,

surf is not _silently_ ignoring them. If the validation fails, `sslfailed` will
be true and in the window title you can see a `…:U` for untrusted instead of
`…:T` for trusted. I don't think the change is good, since surf does the
validation always.

--Markus
Received on Thu Oct 13 2016 - 14:59:50 CEST

This archive was generated by hypermail 2.3.0 : Thu Oct 13 2016 - 15:00:19 CEST