On Monday, April 13, 2015 at 8:57:41 PM UTC-4, northrupt...@gmail.com wrote: > > * Less scary warnings about self-signed certificates (i.e. treat > HTTPS+selfsigned like we do with HTTP now, and treat HTTP like we do with > HTTPS+selfsigned now); the fact that self-signed HTTPS is treated as less > secure than HTTP is - to put this as politely and gently as possible - a pile > of bovine manure
This feature (i.e. opportunistic encryption) was implemented in Firefox 37, but unfortunately an implementation bug made HTTPS insecure too. But I guess Mozilla will fix it and make this feature available in a future release. > * Support for a decentralized (blockchain-based, ala Namecoin?) certificate > authority > > Basically, the current CA system is - again, to put this as gently and > politely as possible - fucking broken. Anything that forces the world to > rely on it exclusively is not a solution, but is instead just going to make > the problem worse. I don't think the current CA system is broken. The domain name registration is also centralized, but almost every website has a hostname, rather than using IP address, and few people complain about this. _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
