Recently somebody on Mozilla Security policy mailing list recommended a more SSH-like approach for https (basically, get warned about site identity the first time you visit it, and remember the certificate for the future visits, and show a much more dire warning if the certificate changes). Do you think this approach could work with something like https?
ender-_12 karma
Recently somebody on Mozilla Security policy mailing list recommended a more SSH-like approach for https (basically, get warned about site identity the first time you visit it, and remember the certificate for the future visits, and show a much more dire warning if the certificate changes). Do you think this approach could work with something like https?
View HistoryShare Link