Don't try this at home: Install this CA certificate

The Faroese Telecom is asking cusomers to Install this CA certificate.

This is a very dangerous habit to get your customers into. Even if they do trust this company, the certificate is downloaded unsigned, and may thus have been corrupted on its way.

Please! Føroya Tele can surely afford to buy a certificate that is authorized by one of the CAs that are built into the browsers with Verisign as one of the obvious choices.

Update is no more asking me to install a new (and unsigned) root authority. I am only asked if I am willing to accept an expired certificate for this session. Which I am, I wouldn't mind browsing my telephone bill on unencrypted http. But I do mind sites that get its customers into the habit of accepting expired certificates signed by unknown authorities. This page really is from, because I say so myself!.

certificate has expired


Skriv en ny kommentar:

Husk meg ?




Trackback-URL for dette innlegget: