Posted by Douglas Held on Feb 22

Summary:

It is essential to provide a configuration option in the operating system
to:
1. never trust invalid certificates, and
2. to not prompt to trust them.

Steps to reproduce:

1. Install OS X on an Apple laptop.
2. Configure Mail.app (for example) to connect over SSL to your mail
server. Prepare a draft email with sensitive information about the
iPhone 8 or whatever.
3. Go treat yourself to a hotel visit.
4. Connect to the hotel Wifi SSID…