> >> VŠ> What's the point to accept and store self-signed certificate > >> VŠ> anyway? It ads zero security. > >> > >> You are right, it does not add security. However, it adds > >> convenience. > > VŠ> Convenience? How? > > Byu not having to click OK to accept the cert each time I send a > message. I thought that was clear,
I ment that self signed certificate adds zero security. I were not talking about the possibility to add such certificates into exception list. The conclusion is that if you care about security you should be using properly signed certificates. And if you are using self-signed certs you doesn't really care about security and should be prepared for inconveniences that are DESIGNED to annoy ordinary users which doesn't care about security either. Be it clicking OK on every connection or finding a way through different CryptoAPI/PKI dialogs to import root CA. Or to switch to normal plaintext method. > >> As I said in the other mail a moment ago, not really important on my > >> side, but it would be nice not to have to click OK each time I send a > >> mail. > > VŠ> You can do this by using standard plain text connection method. > > Of course. Some people told me I should use TLS for security. TB! > supports it. You are saying I should ignore security? TLS is secure only when used precisly as it was designed to be used. Man-in-the-middle attacks and non revoking certificates doesn't have much corellation with TLS or with security at all. -- Vilius ________________________________________________________ Current beta is 5.0.6.1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html
