Nelson B writes: > I think that's the biggest security problem of all. We can't help users > who simply never pay any attention to security warnings.
What about sites who simply can't be bothered to keep their certificates up to date? One reason many users ignore such warnings is that they (correctly) guess that the site has misconfigured something. If all sites were vigilant about keeping certificates up to date, then an expired certificate would be clear evidence of something very wrong; but many sites don't care. -- Anthony _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
