Permanent certificate approval

Forums » Opera for Windows/Mac/Linux » Desktop wish-list

You need to be logged in to post in the forums. If you do not have an account, please sign up first.

Go to last post

2. April 2010, 16:41:10

Stilezy

Posts: 170

Permanent certificate approval

The certificate handler in Opera is a pain, due to the "Remember this choice" option being on a separate tab, and not being remembered for the page in future.

Request:

  1. The "remember this choice" option/s should be on the first tab, so they can be selected and click OK without having to navigate to a second tab.
  2. The "remember this choice" should have an option to remember the choice for all certificates for the given domain in future.
Win 7 x64

2. April 2010, 20:31:48

serious

Lab mouse and likes it!

Posts: 5657

+1 for 1
-1 for 2 (because it makes man-in-the-middle-attacks undetectable to the user)
All my posts only represent my own opinions.
[ Tweedo Monitor - Deluxe Website & Service Monitoring ]

3. April 2010, 02:14:11 (edited)

Stilezy

Posts: 170

Originally posted by serious:

-1 for 2 (because it makes man-in-the-middle-attacks undetectable to the user)


How will most users notice MIM attacks? For most users all they see is "allow this certificate" which is needed to proceed with the website. A big green tick for if it's genuine and a big red alert if there's a concern, might be a good start. What is the average Opera user supposed to look for?

Point being that in terms of their role as a security device, current handling of certificate isn't effective, because the average user doesn't get clear guidance if it's ok or not. So they have to figure it themselves - which for most users is "Yes I want to access this site, and clicking "approve" is needed to do so".

Redesign time?
Win 7 x64

3. April 2010, 19:38:05

serious

Lab mouse and likes it!

Posts: 5657

ad 2: if the browser permanently remembers the original certificate it could write a warning like "the certificate of this page has changed. [Accept][Decline]....". and if the user is not always flooded with cert warnings (because the browser remembers the original cert) he/she may read the fewer warnings that have good explanations (jeah, wishful thinking, I know, user actually reading stuff ... wink)
All my posts only represent my own opinions.
[ Tweedo Monitor - Deluxe Website & Service Monitoring ]

3. April 2010, 22:02:57

sevenred

Posts: 327

1: +1 Nuff said

4. April 2010, 14:40:55

Animaniac

I love Cape Town

Posts: 138

1. +1
Running a site for business listings in Cape Town. Finding stuff in Cape Town

Forums » Opera for Windows/Mac/Linux » Desktop wish-list

Copyright © 2001 - 2013 Opera Software. All rights reserved.