daveschaefer
commented
11 years ago And nevermind just being temporary - we may want to let people mark certs as permanently whitelisted for a site (or until they decide to clear them). That could allow people to create a kind of certificate pinning for a given site, which would make it much more clear when a new certificate is seen.
Sometimes Perspectives shows an invalid/red quorum result but the results are just barely under quorum, or otherwise acceptable to the user. It would be great if we could temporarily mark the current key/cert as acceptable for this session, placing it on a temporary whitelist that is then discarded when the browser closes. This saves the user from having to check the 'red/invalid' result each time only to see that the certificate is still okay. Combined with the 'different icon for whitelisted sites' issue it would be easy to mark and see which certificates were valid only for the current session.
This may be especially useful for people who leave their web browser running for long periods of time (days) without restarting.