Comment by riffraff
11 years ago
but as user I can understand that an http site is insecure, while a self signed certificate might lead me into a false sense of security.
11 years ago
but as user I can understand that an http site is insecure, while a self signed certificate might lead me into a false sense of security.
That's the proffered reasoning as we all know. But the actual outcome (to quote rufb from this comment https://news.ycombinator.com/item?id=8625739)
Not considering the many holes, cyphersuites, running TLS 1.3+ etc.
( http://wingolog.org/archives/2014/10/17/ffs-ssl )
...it should probably look like this:
Safe against active attacks:
Safe against passive attacks:
Safe against world peace, ie. UNSAFE:
> Tell me how the logic works here (for an average user).
"Neutral Chrome" is the default state of the web -- the site doesn't assert that it should be trusted, and it shouldn't be, and that's the default state people should have in approaching the web.
"Cool Green" is "the site asserts that it has a particular identity and that communication with that identified site is private, and it passes the tests built into the browser's security model to verify all that."
"Evil Red" is "the site asserts that it has a particular identity and that communication with that identified site is private, but it fails the tests built into the browser's security model to verify all that."
Seems to me to be perfectly logical, even if we might prefer a better security model for making and verifying the claims at issue.
Plaintext is zero security.
Self-signed is a low probability of security.
Signed is a high probability of security.
This continuum makes more sense than the current state of affairs.
2 replies →
I can self-sign a certificate for gmail, the browser correctly warns about potential BIG security issues with it.