[GNC] Site certificate expiry warning
Michael or Penny Novack
stepbystepfarm at comcast.net
Fri Mar 24 11:21:25 EDT 2023
On 3/24/2023 9:30 AM, Simon Roberts wrote:
> On this, I would disagree. The certificate verifies that the
> *connection* has not been usurped by a "man in the middle" attack, and
> thereby that the target site is the one you believe it to be. The
> certificate says absolutely nothing about the quality or reliab\ility
> of the content of the site. So, if you are concerned about the
> (extremely small, to be fair) risk that there's a pirate version of a
> site being fed to you, you need to ensure the certificate is validated.
Sorry, I was really being unclear.
I did NOT mean "without first checking with the site owners" and that
using an address from them from before (in other words, I would not
trust a "contact address" not obtained until the site had an expired
warning.
I did NOT mean for any and all purposes. It would depend very much on
what I was doing at the site, how I was going to be interacting with it.
Until the problem fixed, would not download software, would not log in
for any financial activities, etc. LOOK at the site, yes. Thus I might
look at a vendor site while doing comparison shopping, checking for
product availability, etc. but not place an order.
Michael D Novack
More information about the gnucash-user
mailing list