[HTTPS-Everywhere] bbc.co.uk attempts to use user installed certificates?
Austin English
austinenglish at gmail.com
Sat Mar 8 16:25:27 PST 2014
Hello,
I'm not sure if this is a bug or intended behavior, so sending an email
here. I've got a .p12 certificate imported into Firefox for employer
related sites. In Firefox 27 on Fedora 64, the first time I browse to a
site on bbc.co.uk, I receive a dialog asking to use my employer's cert on
bbc.co.uk. (This cert, of course, has no effect on that site). Clicking
either ok or cancel will dismiss the dialog, then load the non-https page.
I see that the bbc ruleset is marked partial. Indeed, loading the same site
in a browser without my certificate gives a non-https page.
So, is this a bug or feature? Can HTTPS-Everywhere do anything in this case?
Note: I've disabled the ruleset on my machine as a workaround, but I
suspect users that have personal certificates in their browser is a
relatively low proportion, so I wanted to make sure this is a known issue.
Cheers,
Austin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/https-everywhere/attachments/20140308/0d31c982/attachment.html>
More information about the HTTPS-Everywhere
mailing list