←back to thread

All extensions disabled due to expiration of intermediate signing cert

(bugzilla.mozilla.org)
1318 points xvector | 3 comments | 04 May 19 01:31 UTC | HN request time: 0.694s | source
1. verisimilitudes ◴[04 May 19 04:13 UTC] No.19824396[source]
This relates to my opinions about encrypted HTTP, which is that it shouldn't be mandatory.

If you have a well-designed system that only works with encryption, then sure, but this idea of using the same mistaken systems as the WWW clearly doesn't work well.

I've never seen a Tor Hidden Service fail because of something expiring.

Much of this nonsense about encrypting everything, without reason and excuse, is to protect advertisements from being modified.

That this hit Tor Browser and disabled NoScript is damning, but I already disable JavaScript in about:config and I'm not even using a version of Firefox this new, anyway.

I can't tell if my opinion of Mozilla is lower or if it can't get lower.

replies(2): >>19824651 #>>19827420 #
2. ascorbic ◴[04 May 19 05:32 UTC] No.19824651[source]
This situation isn't about encryption, it's about code signing.
3. sfink ◴[04 May 19 16:27 UTC] No.19827420[source]
Requiring https is a different situation and much more defensible in my mind. It's way too easy to rewrite the web pages of everyone using library or coffeeshop wifi and thereby hack/phish a lot of people's browsers.