X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Statement on Firefox 33 and self-signed certificates

Kuphostiwe

Dear Mozilla,

Your decision to drop support for self-signed certificates is causing problems all around in LANs, VPNs, and domain networks both home and corporate which employ SSL but use self-signed certs. Despite it being understanding that it is generally ill-advised to access sites with such problems, further deciding that this minority of exceptions should be abandoned altogether in a world web full of so many shades of grey and complex setups is not a responsible decision.

Please implement methods for us to be able to coexist with these updates, as suddenly dropping support for the plenthora of routers, domains, websites and other sources using such a setup, many of which cannot be quickly updated or even at all, is a big problem.

The internet engineering taskforce has not issued any such directives, nor have broader plans to drop support for self-signed certificates been announced. In the lack of a transitioning climate away from this setup or any plans to do so, Mozilla has unilaterally decided to remove support.

Please remember that you have a large userbase and thus a responsibility to keep available means of access that are in common use by the world. Self-signed certificates still very much play a role in the ecosystem, and they will continue to exist for as long as there is a need for encryption on intranets.

Thank you!

Dear Mozilla, Your decision to drop support for self-signed certificates is causing problems all around in LANs, VPNs, and domain networks both home and corporate which employ SSL but use self-signed certs. Despite it being understanding that it is generally ill-advised to access sites with such problems, further deciding that this minority of exceptions should be abandoned altogether in a world web full of so many shades of grey and complex setups is not a responsible decision. Please implement methods for us to be able to coexist with these updates, as suddenly dropping support for the plenthora of routers, domains, websites and other sources using such a setup, many of which cannot be quickly updated or even at all, is a big problem. The internet engineering taskforce has not issued any such directives, nor have broader plans to drop support for self-signed certificates been announced. In the lack of a transitioning climate away from this setup or any plans to do so, Mozilla has unilaterally decided to remove support. Please remember that you have a large userbase and thus a responsibility to keep available means of access that are in common use by the world. Self-signed certificates still very much play a role in the ecosystem, and they will continue to exist for as long as there is a need for encryption on intranets. Thank you!

Eminye Imininingwane Yohlelo

Fakela amapulagi

  • Shockwave Flash 14.0 r0
  • Next Generation Java Plug-in 10.67.2 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • 5.1.30514.0
  • Adobe Shockwave for Director Netscape plug-in, version 12.0.9.149
  • IE Tab 2 Plug-in for Mozilla/Firefox
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • VLC media player Web Plugin 2.0.2
  • Unity Player 3.5.2f2
  • DivX Web Player version 2.0.0.203

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0

Eminye Imininingwane

Fab de Coarraze 0 izisombululo 13 izimpendulo
Kuphostiwe
Follow the story here : https://bugzilla.mozilla.org/show_bug.cgi?id=1084606

Okulungisiwe ngu Fab de Coarraze

pion19 0 izisombululo 4 izimpendulo
Kuphostiwe

Impendulo Ewusizo

it seems the problem is not self-signed certificate itself, but too short (from current point of view) RSA-keys. Please see https://support.mozilla.org/en-US/questions/1045971

moreover, SSLv3 is now insecure, and is soon going to be disabled by default. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

it seems the problem is not self-signed certificate itself, but too short (from current point of view) RSA-keys. Please see https://support.mozilla.org/en-US/questions/1045971 moreover, SSLv3 is now insecure, and is soon going to be disabled by default. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

Okulungisiwe ngu pion19