Re: Web of Trust (a revolution)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bruno Wolff III wrote:
> Sites with self signed certs that prevent passive snooping get treated as
> the same as going to a site without ssl and not triggering all sorts of
> inappropriate warnings that look scary and make people jump through hoops
> to bypass them.

+1, this really needs fixing. It leads to several sites actually downgrading
security (not using encryption at all) just to prevent those warnings.

We'd see much wider adoption of HTTPS if self-signed certificates weren't
treated any worse than plain unencrypted (and totally insecure) HTTP.

HTTPS should displace HTTP the same way SSH displaced telnet. Most people
think people still using telnet as a remote shell are crazy (and they're
probably right), yet they'll happily use the just as insecure unencrypted
HTTP.

        Kevin Kofler

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux