On 01/07/2016 01:54 PM, Michael Catanzaro wrote:
On Thu, 2016-01-07 at 10:04 -0430, Robert Marcano wrote:
As someone who wrote the original certificate manager implementation [1] when Epiphany was Gecko powered, It never was enabled. And apparently never ported to webkit.
If Web authors still think it is a seldom used feature, They never had a business bank account where you need to be able to manage the certificates. Sometimes only for backing it up or installing it on another machine.
Hi Robert,
We've had several bugs about this, but at the end of the day I think Epiphany is the wrong place for a certificate manager, because Epiphany does not have its own trust store like Firefox/NSS does -- it instead uses the system trust. Like Bastien mentions, we have a separate application, Seahorse, which exists to manage certificates systemwide. I think we should focus on improving Seahorse instead. Daiki Ueno from Red Hat has been working on this.
For discussions about if Web is ready or not to replace Firefox, it doesn't matter to much if the implementation is on Web or a lower layer, only if the user can do it. The question if this is a needed feature is another thing to discuss.
Another features missing that I remember from using it for testing:
- No UI (yet) to add new search engines. - UI option for not automatically restore previous open tabs, this default is annoying for me - (Desired) Import bookmarks from Firefox. There is an import menu option but it should be able to detect the Firefox profile by default, with no need to install Firefox, export and then import. Migration should be easy
Seahorse has a certificate import feature, but I believe it's currently broken; in the meantime, you have to open a terminal and use the 'trust' command.
I'm not opposed to adding a certificate manager in Epiphany if someone else wants to work on it, but we should meet with the GNOME designers and the safety team to figure out the proper division of responsibility between Epiphany and Seahorse. Maybe a compromise solution would be a Certificate Manager menu item that just launches Seahorse. We're certainly open to brainstorming about this.
On a somewhat unrelated note, I think Epiphany current certificate dialog (which does not allow management, but displays the certificate used on the current page) could stand to be improved. Currently it is excellent at showing the server's certificate, but it ought to be able to show the entire chain. This is not something most users care about, so I think it's not a big problem, but I get tired of switching to the command line to investigate certificate issues.
Michael
P.S. Thanks for your contributions to Epiphany!
desktop mailing list desktop@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/desktop@lists.fedoraproject.org