On 02/09/10 23:54, Alexander Surma wrote:
> Well, the connection is definitely encrypted. Regardless of a man in
> the middle or not ;)
> However - I see your point.
> My suggestion would be, that we allow yet another userscript to handle
> this. I for one do not care for verifying certificates. But for those
> who do, some kind of interface would be nice, wouldn't it?

I think that if SSL is going to be supported, it should be supported fully, within surf itself. One of the things I like about surf is that it's actually usable without hacky user scripts, unlike, say, uzbl. Otherwise, there's really no point; you're basically sending everything in the clear, and SSL hasn't been implemented in any meaningful fashion. And worse yet, surf *acts* like it's doing SSL when it isn't. Without verification, surf is only usable for non-sensitive content -- you'd have to be huffing enormous amounts of glue to even consider logging into your bank with it.

Everyone hates the CAs, there's no argument there. I even think that distributing a CA store with the browser itself is a potentially bad move. But I personally consider the approach of combining "TOFU" and CA cert verification to be a pretty decent heuristic. Using TOFU-only would be a first for a web browser, and I think that could be kind of neat. But at the least, just check an environment variable for a certificate store, and if it's there, verify and turn the status bar green. Otherwise, it stays red.