Trevor Freeman <trevor.freema...@icloud.com> wrote:
> The certificate warning paradigm is over blown given that the typical
> alternative is no TLS. An unauthenticated TLS connection is
practically
> speaking, no different to no TLS at all. The same of true when you see
> certificate warring messages S/MIME messages when the rest of the
> inbox is unsigned email. As long as the two cases are treated equal
why
> cannot you dispense with the certificate warning messages?
The reasoning behind the warning is about expectation. If the browser sees a
self-signed cert instead, it does not know whether that was the original
intent of the site, or whether someone just staged an attack and provided a
self-signed cert instead of the real one. Since there is an expectation that
a site that publishes an HTTPS URL will also provide a CA signed
certificate, the browser errs on the side of detecting an attack.
This would change if there was an easy way to detect that the site intended
to use self-sign cert. But there is no such easy way today.
-- Christian Huitema
_______________________________________________
perpass mailing list
perpass@ietf.org
https://www.ietf.org/mailman/listinfo/perpass
