I guess the right way to say it is the browser seeks to verify the cert with a trusted certification authority. If the issuer isn't listed in the browser's list of trusted authorities, you get the error message. As I understand it, there are apparently legitimate commercial CAs that for whatever reason don't make the club of the trusted.
Here is the IE7 error message text:
There is a problem with this website's security certificate.
The security certificate presented by this website was not issued by a trusted certificate authority.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
We recommend that you close this webpage and do not continue to this website.
Is the behavior with self-signed certs only or is it also with certs
signed by CAs that the browser doesn't have the signature for?
Thanks, Tom
Richard Wiggins wrote: > Heads-up for those supporting Windows computers: > > Today I was reminded that on November 1, Windows Update will begin
> offering users the option of installing Internet Explorer 7. It will > be offered to local users who are logged in as Administrator starting > that day. Users can say Yes, No, or Later. > > I've been running IE 7 for months now, and while its HTML rendering is
> much better than day 1, it is quite a bit different than the look and > feel of earlier IE versions. This could cause user confusion. > Lately I've had it crash on me frequently, though earlier it was
> stable. (Could be a change un my usage.) > > The warning for use of a self-signed certificate is much sterner. The > message says: > > We recommend you close this webpage and do not continue to this
> website. > > We will be sure that help desks are briefed and we'll have knowledge > base articles on this up in a day or two. > > For managed desktops in a domain there is a way for sysadmins to
> suppress the offer of updating: > > More information is at: > > http://www.microsoft.com/technet/updatemanagement/windowsupdate/ie7announcement.mspx
> > > Here are pertinent passages: > > Automatic Updates Delivery Process > > The automatic delivery process will notify users that an update is > available and allow users to choose whether to install Internet
> Explorer 7. The process is described below ... > > Automatic Updates will only offer Internet Explorer 7 to users with > local administrator accounts. Automatic Updates will notify all such > users (including those with Automatic Updates configured to
> automatically download and install updates) when Internet Explorer 7 > has been downloaded and is ready to install. The notification and > installation process will not start unless and until a user who is a
> local administrator logs on to the machine. Users who are not local > administrators will not be prompted to install the update and will > thus continue using Internet Explorer 6. > > After clicking on the Automatic Updates notification balloon, users
> will see a welcome screen summarizing key features of Internet > Explorer 7 and presenting three options - Install, Don't Install, and > Ask Me Later. > • > > If a user selects "Install": The installation process will commence
> and require Windows Genuine Advantage validation and a re-boot to > complete. Installation of Internet Explorer 7 will not override a > user's default browser choice and will transfer the user's previous
> homepage, favorites, search settings and compatible toolbars. When the > user launches Internet Explorer 7, a first-run experience will be > offered highlighting new features and changes. > •
> > If a user selects "Don't Install": The notification process will not > re-prompt the user to install at a later time; however, any user who > is a local administrator will be able to install Internet Explorer 7
> at any time as an optional update from the Windows Update and > Microsoft Update sites or from the Microsoft Download Center. > • > > If a user selects "Ask Me Later": The install process will not proceed
> and Automatic Updates will start notifying the user that an update is > available using the same process (notification balloon and welcome > screen) within approximately 24 hours. > > Internet Explorer 7 will replace Internet Explorer 6 on a user's
> machine. However, users may roll back to Internet Explorer 6 by > uninstalling Internet Explorer 7 via the Windows Control Panel > Add/Remove Programs utility. > > /rich
