On Mon, Jan 5, 2009 at 11:46 AM, <[email protected]> wrote: > On Mon, 05 Jan 2009 11:25:58 PST, Tim said: >> Uh, no, actually CAs provide some weak assurance that the certificate is >> the real one and associated with that server. A self-signed one >> provides none. If you can't, in some way, authenticate the certificate >> then SSL is not any better than sending data plain text. > > It's *slightly* better, in that it guards against passive sniffing attacks > on the data in transit. You're right that it doesn't guard against an > active MITM attack.
The prevailing use of self-signed certs on the Internet basically destroys the usefulness of HTTPS, since it trains users to simply click "add exception" and ignore the scary warnings "because then I get the lock icon, which means I'm safe!" The browser security model should be changed to visually differentiate between "encrypted" and "authenticated", but that would require massive re-engineering of browser software, and lengthy re-education of lusers. Given the option between no HTTPS and HTTPS via self-signed cert, you should choose the former if you're running a public website. If the connections really do need to be protected, stop being so effing stingy and cough up the $70 for a certificate signed by a CA that is in the default trusted bundle of major browsers. -- chort _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
