Comment by anamexis

Comment by anamexis 2 days ago

5 replies

View on Hacker News

It's not that you're trusting your own certificate, it's that you're trusting any self-signed certificate, leaving you open to getting MITM'ed.

denkmoon 2 days ago

Why would this oblige the client to trust any self-signed cert as opposed to trusting all certificates whose chain of trust can be established using the system's trust store? The reporter isn't asking for mail to automatically trust untrusted certificates, they have added them to the trust store.

Reply View 0 replies
darknavi 2 days ago

Can't you install trusted certificates by hand on iOS?

Reply View 2 replies
  • anamexis 2 days ago

    Yes, and you still can. That's not broken.

    Reply View 1 reply
    • digitalPhonix a day ago

      Based on the bug report I think it is. Mail is not respecting the self signed certificate that’s been added to the user trust store.

      Reply View 0 replies
bdavbdav 20 hours ago

How? You add your signed cert explicitly to the trust store. You’re not just hitting “trust” every time.

Reply View 0 replies