Status: Untriaged Owner: [email protected] CC: [email protected] Labels: Type-Bug Pri-2 OS-All Area-Misc
New issue 6855 by [email protected]: Revert default security style for intranet host certs to "auth broken" http://code.google.com/p/chromium/issues/detail?id=6855 Pages served over SSL with a cert which name is a intranet host should be considered as auth broken by default. This was the actual behavior and has been changed for the beta as it was causing an other bug 1177908. The problem is that we do not have an error status for this case or error strings (since it is not a real SSL generated error). Also, from a user perspective, the page info would not explain why the page is insecure. Since IE reports the page as OK, Ian has agreed on also reporting such pages as safe. This should be reverted after beta and error strings and cert status created accordingly. (see ssl_policy.cc SSLPolicy::GetDefaultStyle(const GURL& url)) Note: bug imported from Buganizer #1178228 -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
