Forum Discussion
adipose
May 02, 2019Brass Contributor
Ability to save passwords for sites with invalid SSL certs
See here for a bug that has been ignored by Google for 4.5 years: https://bugs.chromium.org/p/chromium/issues/detail?id=431618 The ability to save passwords for sites is a convenience that mo...
goodwill1120
Feb 28, 2021Copper Contributor
Eric_Lawrence We are not asking for a workaround. Of coz I know make my cert valid is going to solve this. The problem is there are plenty of reasons why the cert is invalid and they can be perfectly intentional (or I should say not something I consider need to fix), so why block a feature when I know what I am really doing?
Eric_Lawrence
Feb 28, 2021Microsoft
goodwill1120: As noted immediately above, not everyone recognized that a workaround is available, and some are delighted to have one.
The problem isn't the scenario where you have decided not to fix the security threat; the problem is the scenario where the user is actively under attack and does not recognize the implications of, say, clicking through a certificate error "just to see". You can follow the conversation in https://crbug.com/431618.
The problem isn't the scenario where you have decided not to fix the security threat; the problem is the scenario where the user is actively under attack and does not recognize the implications of, say, clicking through a certificate error "just to see". You can follow the conversation in https://crbug.com/431618.