GNU bug report logs - #19404
25.0.50; Gnus shows self-signed certificate warning when connecting to Gmane

Previous Next

Full log

View this message in rfc822 format

From: Eli Zaretskii <eliz <at> gnu.org>
To: Lars Ingebrigtsen <larsi <at> gnus.org>
Cc: 19404 <at> debbugs.gnu.org, deng <at> randomsample.de, dgutov <at> yandex.ru
Subject: bug#19404: 25.0.50; Gnus shows self-signed certificate warning when connecting to Gmane
Date: Fri, 19 Dec 2014 16:40:06 +0200

> From: Lars Ingebrigtsen <larsi <at> gnus.org>
> Cc: David Engster <deng <at> randomsample.de>,  19404 <at> debbugs.gnu.org,  dgutov <at> yandex.ru
> Date: Fri, 19 Dec 2014 13:11:46 +0100
> MailScanner-NULL-Check: 1419595943.94089 <at> Frj7Sl8lupuHOmrgKZTQZA
> 
> Eli Zaretskii <eliz <at> gnu.org> writes:
> 
> >> It simply means: "The certificate’s issuer is not known. This is the
> >> case if the issuer is not included in the trusted certificate list."
> >
> > I suggest that we say something like this, indeed.
> 
> However, this means nothing to people who don't know what it already
> means

The first sentence sounds very clear to me, even to someone who knows
nothing about this.

We could reword the second sentence to say something like

  Please make sure your trusted certificate database is installed and
  up to date.

This should at least give enough "food" to talk to some sysadmin, if
the user doesn't know where the certificates are kept or how to update
them.

> while "self-signed" is something that more people understand.

But it's a lie in this case, or at least might be.

> But the suggestion to only suggest that the certificate may be
> self-signed if the issuer and host name are the same may help a bit.
> There's quite a few self-signed sites out there where that's not the
> case, though.

Then how come they are "self-signed"?  At least the domain should be
the same, no?

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.