On Tue, Oct 21, 2008 at 11:02:11AM +0300, Peter Eisentraut wrote: > If you install a new web browser, would you want it to be configured by > default to warn about untrusted certificates or to "not bother" the user > about it? It's pretty much the same question here.
We "don't bother" users when there is no certificate at all, so why would you if the certificate is untrusted? You seem to be making the assertion that making an encrypted connection to an untrusted server is worse than making a plaintext connection to an untrusted server, which seems bogus to me. Have a nice day, -- Martijn van Oosterhout <[EMAIL PROTECTED]> http://svana.org/kleptog/ > Please line up in a tree and maintain the heap invariant while > boarding. Thank you for flying nlogn airlines.
signature.asc
Description: Digital signature
