Comment #33 on issue 2010 by earonesty: Feature: An option to disable the 'Expired Certificate" warning for a specific site http://code.google.com/p/chromium/issues/detail?id=2010
Anyone who really knows security knows that certificates are a bit of a sham anyway. They are designed to prevent a certain kind of phishing-style attack where someone impersonates a secured entity and they *completely* fail to prevent this. It's much easier to get a signed, but fake name... like wellsfargo.securelink.com, than it is to hijack an internet connection and spoof a cert. SSL works very well with self-signed certs .. unless someone's *hijacked your internet connection*. Securing SSL from someone who'se hijacked your connection is a case of "closing the barn door after the horse". Personal-certs are great for high-security access. I used them for a hedge fund bank access application. Unlike domain certs, they work, there's no way for a MITM to break your app... and they are hard to install, so users won't be logging in to yor bank from a cafe. IMO, web and domain certs have been a billion dollar waste of time, money and resources.... since they inspire trust in a system that isn't trustworthy. If it were my browser, I would put a simple checkbox.... if only to snub the industry a bit... and get them to be more on the ball about issuing client certs. -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings -- Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs
