Assegnate 5 su 5 stelle

di Jan Martinec il Nov. 5, 2009 ·

Great idea, just what I was looking for!
If there was an option to switch between "admin/learning mode" (current way of working) and "user/working mode" (deny access on unknown cert), this would be absoultely PERFECT.

re: "is it really important to show certificate details the first time when I visit an https site?"
Yes, yes it is, if you actually care whether it's the real site you want or whether it's a phishing impostor, you should verify with the site owner that the certificate fingerprints are correct. Unfortunately, only a few people actually do that, as this should be done through a different (secure) channel than the browser, e.g. through a snail-mail letter or over the phone. Example: I go to https://mybank.example.com/ , I get a "new certificate" warning. I call MyExampleBank's support and check the certificate fingerprints with them. If they don't match what I'm seeing, the site is most probably a fake.

Questa recensione riguarda una versione precedente (0.7) del componente aggiuntivo.