Owen Taylor wrote: > If you are connecting on an insecure network (say coffee shop wireless) > then a https connection to an untrusted certificate is a distinctly weak > form of security. > > It tells you that you have a encrypted connection to *somebody*.
That is correct, of course. It is, however, more secure than an open connection. Case in point, on my mail server, which I know I connected to properly on my wired network, and which I told Thunderbird to remember, is not signed by a trusted authority and looks different by host name on an outside network. When I connect to it from outside, my password is still not traveling through the net in plain text. Whether by broken design or broken economics, there will always be a lot of certificates that cannot be authenticated against a CA. Yes, the security is weakened, but there still needs to be something informing the user that their data isn't flying through the air in clear text. --Pat _______________________________________________ desktop-devel-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/desktop-devel-list
