|
|
|
|
|
|
by ocdtrekkie
1254 days ago
|
|
|
Here's the thing: Expired certificate warnings reduce security. Because they're excessively dramatic about a routine non-issue, people learn to ignore and bypass them. Now people won't head real certificate warnings. Unfortunately, the browser security nerds don't understand human psychology, and are more scared of the fact an expired cert can't be revoked (a nearly pointless edge case) versus users ignoring all cert warnings entirely, which they do now. A classic example of engineers who don't understand their users. |
|
|