Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dialog for showing the server certificate should offer way to verify the cert #108

Open
bernhardreiter opened this issue Feb 21, 2019 · 1 comment
Open

dialog for showing the server certificate should offer way to verify the cert #108

bernhardreiter opened this issue Feb 21, 2019 · 1 comment

Comments

@bernhardreiter
Copy link

The dialog for showing the server certificate certificate and cert chain should offer a way to verify the certificate. This is useful for the usecase where the user is asked whether to trust that certificate.

How to reproduce?

Either remove the root ca from your xmmp server from your operating systems certificate store
and reconnect.

Or just click on the "padlock" icon on a connection and look at the dialog.

version

swift-im 4.0.2-1 wit official package on Debian GNU/Linux
@bernhardreiter
Copy link
Author

Potential solutions

A standard solution would be to show a secure checksum to allow the user to compare it to other places where it is shown. Typically should would be the sha256sum or sha hash checksum as shown in browsers. (Not md5, because it is cryptographically unsafe.)

Another solution could be to allow the user to export the certificate to do an examination with other tools.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bernhardreiter