Trust OS Certificate stores

Moderator: Project members

Post Reply
Message
Author
nobby6
500 Command not understood
Posts: 5
Joined: 2022-06-01 23:47
First name: Nobby
Last name: Edwards

Trust OS Certificate stores

#1 Post by nobby6 » 2022-06-18 07:56

I get why Filezilla does what it does in not trusting any certs, but you're not microsoft Tim and co... please don't dictate who and how we trust, surely if it's good enough for WWW certs with banks, its good enough for FTP.

I know you wont change this by default, but I do ask for feature request in settings that offers a checkbox to by-default globally trust the OS's cert store so those of us who do trust them, aren't interrupted by unnecessary popups to select trust, and customer support staff arent constantly trying to explain to people "no no our certs are good its just filezilla" then they blame us for "well you're recommending we use filezilla so why if it ..." you get the picture...

I mean, seriously, the millions upon millions around the world using Filezilla, do you really think they are going to call their ISP/Host providers and get fingerprints and sit down and verify letter by letter, no, they just click trust it right off the bat without looking or giving it a second thought.


Thanks for at least reading :)
Top
User avatar
boco
Contributor
Posts: 26147
Joined: 2006-05-01 03:28
Location: Germany

Re: Trust OS Certificate stores

#2 Post by boco » 2022-06-18 21:02

I get why Filezilla does what it does in not trusting any certs, but you're not microsoft Tim and co... please don't dictate who and how we trust,
We don't. That's why it is the way it is, you do approve certificates upon first encounter, after making sure they are safe (or not). Nothing is dictated.
surely if it's good enough for WWW certs with banks, its good enough for FTP.
You didn't hear anything about all the recent scandals and uproars concerning stolen, misused etc. public certificates? Really? The system is fail by design, trust simply cannot be bought but has to be earned.
but I do ask for feature request in settings that offers a checkbox to by-default globally trust the OS's cert store so those of us who do trust them,
Well, admit it, when was the last time you checked the settings in FileZilla?`
truststore.jpg
truststore.jpg (62.07 KiB) Viewed 65 times
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###
Top
nobby6
500 Command not understood
Posts: 5
Joined: 2022-06-01 23:47
First name: Nobby
Last name: Edwards

Re: Trust OS Certificate stores

#3 Post by nobby6 » 2022-06-18 23:36

I heard about a lot of complaints over the years, going back to start.coms buyout, OS stores revoked them, worked fine, no ftp server I've ever used has said oh btw heres the fingerprint , none, nudda, zip.

as for the setting I concede my bad, I must have missed it, since I dont recall ever seeing it before
Top
Post Reply

Return to “FileZilla and FileZilla Server Development”