Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Browsers could add the less severe warning before the certificate expires, for example 3 days before it expires have a "this certificate is about to expire, are you sure you want to continue?" warning. That would maintain the security guarantees around expiration while still getting the attention of users/administrators.


That's an absolutely terrible idea. Scaring the crap out of thousands of users when your certificates are set to auto-renew etc is just dumb.


Alarm all the users to notify one person? Doesn't seem so good to me.


Isn’t that what happens now when the cert expires? Except when it’s expired it’s a lot harder for users to figure out how to bypass the warnings so they can visit the site to find a contact link to report the issue.

Remember not every site is actively checked by their maintainer every day.

In an ideal world it shouldn’t be needed (and likewise UX for expired certs wouldn’t be needed), but in practice I think it has merit.


OP's idea was to scare the users BEFORE it expires (and the admin still has time to renew).

> Remember not every site is actively checked by their maintainer every day.

Precisely… so scaring the users while the owner doesn't get the message is useless.


Owner will likely check their email more than visit their site. I know that’s true for various small sites of mine.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: