Please reference the below image. The top row has a red circle because it has passed expiration. The middle row is good. The bottom row has a domain mismatch, yet the circle is green. I asked Claude why this happens, and it said it happens because the circle is solely dependent upon the expiration date, ignoring any validation problems.
Is this desirable? I think a user expects the circle to be a roll-up of any/all issues with the host, from days-until-expiry to hostname mismatches, to unknown signers.
Please reference the below image. The top row has a red circle because it has passed expiration. The middle row is good. The bottom row has a domain mismatch, yet the circle is green. I asked Claude why this happens, and it said it happens because the circle is solely dependent upon the expiration date, ignoring any validation problems.
Is this desirable? I think a user expects the circle to be a roll-up of any/all issues with the host, from days-until-expiry to hostname mismatches, to unknown signers.