Changes

* Connection Security

** Self-signed certificates: '''NO''', unless the certificate is explicitly trusted by gecko or has had an exception created some other way (such as via the web browser). In the past, it was very common to use self-signed certificates because getting a real certificate cost money, and potentially a lot of it. Now, you can get free SSL certificates; at least StartCom provides them [https://www.startssl.com/?app=1 here]. I discussed a strategy for supporting self-signed certificates with Brian Smith early on in the e-mail app development cycle. Our conclusion was that it's reasonable to support certificate exceptions, but that adding a certificate should be a very deliberate operation and not something a user should just click through. An especially important factor was that mobile devices are much more likely to be on sketchy wi-fi where man-in-the-middle attacks are much more likely than traditional desktop-computer-from-a-trusted-home-network situation that Thunderbird traditionally has been used for. We also determined that certificate exceptions should be added from the settings app. This makes it more deliberate, and also allows the very dangerous API operation of adding certificate exceptions is only accessed from one certified app, rather than exposing it to apps like e-mail which are intended to only be privileged. Since that discussion, the browser app is now capable of adding exceptions, but it is also one of the most privileged (certified) apps around or likely to ever be around. (asuth, 2013/05/21)

=== Message Encodings ===