Le dimanche 09 septembre 2012 à 22:40 -0400, Jeff Fortin a écrit : > Hi there, > As far as I can tell, Evolution uses a default set of SSL certificate > authorities. > [...] > > Will the user get (I hope) a big scary "SOMETHING IS VERY WRONG" warning > like SSH does when server fingerprints don't match? > > I'm of course not a security expert, but would like some reassurance > that Evolution is actually safe against this scenario. > Thanks As users (mostly) ignore security warnings[1], it should be useless, IMHO. SSH does not targets same users than browsers or mail readers, so users are more likely to read them. (And SSH keys doesn't expires, so you can keep fingerprints for ages)
[1] http://lorrie.cranor.org/pubs/sslwarnings.pdf -- Bastien Durel _______________________________________________ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
