Ah, but the man in the middle only gets one chance to mess with your cert. That is the first time you encounter the self signed cert, you trust it and it goes into your root store. So don't do that first encounter over public wifi. You could also just distribute the cert to those that need it.
I know when I used a web hosting company to handle my email, I would yearly have to blindly trust the new cert. Granted I inspected it, but the mua didn't do anything to verify the cert. Now I suppose if I used Web based email, that might have been different. I'm thick skinned to feel free to tell me if I got any part of this wrong. Original Message From: Tomasz Sterna Sent: Tuesday, May 3, 2016 4:30 PM To: email@example.com Reply To: firstname.lastname@example.org Subject: Re: self signed cert W dniu 03.05.2016, wto o godzinie 12∶34 -0700, użytkownik li...@lazygranch.com napisał: > I'm not following you here. You still have encryption with a self > signed cert, but no trust. But if you can't trust yourself, who else > can you trust? If you have a reliable way of distributing your certificate, then yes. But then you are acting as an CA, so why don't use a real one? But if you just accept whatever cert server provides you with (like most people connecting self-signed service), then you have no more protection than on unencrypted connection. > On public wifi without the self signed cert, the conversation could > be read, not to mention login credentials. Using man-in-the-middle attack, even the encrypted conversation could be read - see above scenario with accepting server provided cert. And the default configuration of jabberd2 is not to allow plain text passwords on unencrypted channel, so you cannot read the login credentials. > Take "letsencrypt" for example. Prior to adding their certificates to > my root store, I could still get encryption, provided I let my > browser go ahead. I just could trust the website identity. But you are not sure the identity. You could aswell trust the man-in- the-middle proxying your communication and posing as the website. > The Hong Kong Post Office is a CA, but I don't really trust them. ;- > ) Why? They passed the audit checking whether they reliably verify the credentials before signing certs. > But xmpp doesn't have the downgrade option. You do not need to downgrade to unencrypted channel. MITM can aswell proxy an encrypted connection on both sides decrypting/encrypting on flight. As long as clients accept self-signed certs blindly, without consulting CA registry. -- /o__ Documentation is like sex: when it is good, it is very, very good; and (_<^' when it is bad, it is better than nothing.