On Tue, Jan 20, 2015 at 5:23 AM, Tim Franklin <t...@pelican.org> wrote: > I'd still very much *want* the organization to tell the users > that the internal IT people are breaking their SSL, so > please not to have any expectation that security is doing > what you think it is.
Blame it on the browser devs. They tell users the -wrong- things about security. Silent about totally unencrypted traffic. Silent about Sysadmin-installed certs. Noisy with dire warnings about anyone who wants better than unencrypted without whole-hog signed certs. And God help you if you train your users to just click "confirm exception." Regards, Bill Herrin -- William Herrin ................ her...@dirtside.com b...@herrin.us Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/> May I solve your unusual networking challenges?