Hello again,

I tried to send a smallish image as attachment to the list, and the message didn't appear (maybe it will, yet).

So I wanted to check the list policy on attachments, clicked on the link to the mail manager and got:

==== lists.xcf.berkeley.edu uses an invalid security certificate.

The certificate is not trusted because it is self signed. The certificate expired on 11/06/2006 06:06 PM.

(Error code: sec_error_expired_issuer_certificate) ====

I'm using FF3, and as google didn't find any reference I had to fall back to the list itself.

John

On Thu, 14 Aug 2008 17:16:14 +0200 (CEST) Richard Hirner wrote:

So I wanted to check the list policy on attachments, clicked on the link to the mail manager and got: [...]

I find the new way of Firefox/3 to display certificate issues quite irritating because it's fairly complicated to download & accept the certificate. On the other side, that prevents unexperienced users from trusting the wrong people.

Yes - that is very similar to what I feel. In this case though, the certificate exists, but expired (in 2006, I believe). As I understand it, there is a site where 'free' (as in no-cost) certificates can be obtained. The other day, I had to download a certificate for a site - if I recall correctly, it was bugzilla - and it was a fairly simple process in FF3.

On the other hand, with the actual DNS poisoning phenomenon, even experienced users can fall into traps.

John