On Wed, 2013-03-13 at 23:23 +0100, Josselin Mouette wrote: > I don’t even see it as a bug. Of course it is... Otherwise I could easily mitm every connection... o.O
> Epiphany treats the first site as a self-signed one, which thus has the > same level of security as a non-encrypted connection. And Ephiphany silently accepts self-signeds one? Even then if cert and domain don't match? I can't quite follow your points... > When you are redirected, however, it is the responsibility of the user > to check the domain name the connection is certified for. No... cause you can never now where a site redirects you or form which other domains it loads objects... e.g. google.com and friends load a lot of stuff from other google domains like gstatic or whatever. https guarantees this cause you know the entry domain, and when communication with that is valid (which epiphany apparently does not check) you assume that your peer wouldn't redirect/lead you to other domains (with valid certs) unless it's intended. If you put that into the responsibility of the user the whole system immediately fails. Again,.... can't quite follow your points... just try it with one of the other big browsers... they warn you before any redirect. > You could argue that, when faced with a non-certified https connection, > epiphany should not follow redirections without a warning, but I’m not > even sure upstream would agree, and I definitely don’t think this is a > RC bug. Well... SSL useless... sounds like RC to me. Cheers, Chris.
smime.p7s
Description: S/MIME cryptographic signature