help: caution users about using Ignore SSL Errors

[empathy.git] / help / C / account-jabber.page

diff --git a/help/C/account-jabber.page b/help/C/account-jabber.page
index efa22d1b5e9088fdb37ac62e886a3617a3ffa814..0fbc2bad7a2e0ce3d5859091026a0f6d1626c619 100644 (file)
--- a/help/C/account-jabber.page
+++ b/help/C/account-jabber.page
@@ -10,6 +10,7 @@
       <e:review by="shaunm@gnome.org" date="2009-08-31" status="done"/>
       -->
     </revision>
+    <revision pkgversion="3.12" date="2015-02-03" status="review"/>
     <credit type="author">
       <name>Shaun McCance</name>
       <email>shaunm@gnome.org</email>
@@ -26,7 +27,7 @@
 -->
   </info>
 
-  <title>Jabber Account Details</title>
+  <title>Jabber account details</title>
 
   <p>Most Jabber accounts will require only a login ID and a password
   to connect.  For some accounts or on certain types of networks, you
@@ -50,10 +51,12 @@
       required</gui> to prevent <app>Empathy</app> from communicating with
       the Jabber server when encryption is not possible.</p>
       <p>Some Jabber servers may encrypt data using invalid certificates,
-      or using certificates from unknown authorities.  If you trust the
-      server you are connecting to, you can select <gui>Ignore SSL
-      certificate errors</gui> to allow encrypted communication with
-      invalid certificates.</p>
+      or using certificates signed by unknown authorities.  You can select
+      <gui>Ignore SSL certificate errors</gui> to allow encrypted communication
+      with invalid certificates, but this allows an attacker to intercept your
+      communication with the server (including your password). You might want to
+      use this option for testing purposes, or if your server is broken and you
+      do not care about the security of your communication.</p>
     </item>
     <item>
       <title><gui>Resource</gui></title>