Certificate / connection information window
I love how complete Miranda NG is, but I think this is something which is really lacking here. Certificate informations are important for interested super users to make sure that the certificate of the server is valid and wasn't replaced by a middle man, similar how it's possible for OTR if you don't verify your contacts! Jitsi got this feature for a long time and in a recent update it has extra connection informations, so it would be really awesome to see this here as well, as this project is seriously the BEST and most complete client in the world. Thank you very much!
-
Wishmaster commented
Well, if the certiflicate is self-signed, you cannot trust it anyways, unless you know the fingerprint
-
Anonymous commented
Thanks for your answer! That's true, but for example in a case of self-hosted servers where the admin doesn't want to fiddle around to get a certificate from the "big guys", because the XMPP server is for a small community anyway, this would be useful, as Miranda wouldn't accept a self-signed certificate with this option. It's a lot more secure if we can see the certificate information, and in countrys where net neutrality isn't very respected or the connection is heavily censored, this is even more important to be able to verify that the certificate wasn't replaced by some nasty devils. Here is one source why it's important for paranoid users: www.pcworld.com/article/2901072/google-catches-bad-digital-certificates-from-egyptian-company.html
-
Wishmaster commented
Well, there alreadyis an option to Validate SSL-sertiflicates, so you don't have to do it manually (Options->Network).
The only problem is that it just refuses connection if certiflicate isn't valid (and shows a popup), there should be some more infos about that. But Miranda can validate those certiflicates.
-
Strengths commented
Would like to see this, even though it's not really that important. But depends of course if people care about security, and since Snowden, people should care.