Opened 7 years ago

Last modified 7 years ago

#4895 new defect

Browse does not warn of expired certs

Reported by: SAMdroid Owned by:
Priority: Unspecified by Maintainer Milestone: Unspecified
Component: Browse Version: Unspecified
Severity: Critical Keywords:
Cc: Distribution/OS: Fedora
Bug Status: Unconfirmed

Description

How to reproduce:

  1. Go to site with expired cert (eg. https://dev.laptop.org/)

Result:

  • Padlock in urlbar has an ! next to it

Expected result:

  • Users are warned of the dangers and scared out of going there
  • Click the padlock with the ! warns the about the dangers again

Notes:

Epiphany has this feature. They have awsome copy too:

Look out!
This might not be the real **dev.laptop.org**.

When you try to connect securely, websites present identification to prove that your connection has not been maliciously intercepted. There is something wrong with this website’s identification:

This website’s identification is too old to trust. Check the date on your computer’s calendar.

A third party may have hijacked your connection. You should continue only if you know there is a good reason why this website does not use trusted identification. **Legitimate banks, stores, and other public sites will not ask you to do this.**

Change History (1)

Note: See TracTickets for help on using tickets.