On Sat, May 23, 2015 at 9:34 PM, Tim Chase <python.l...@tim.thechases.com> wrote: > A self-signed certificate may be of minimal worth the *first* time you > visit a site, but if you return to the site, that initial > certificate's signature can be used to confirm that you're talking to > the same site you talked to previously. This is particularly > valuable on a laptop where you make initial contact over a (I > hesitate to say "more secure") less hostile connection through your > home ISP. Then, when you're out at the library, coffee-shop, or some > hacker convention on their wifi, it's possible to determine whether > you're securely connecting to the *same* site, or whether an attempt > is being made to MitM because the cert changed.
You can get the exact same benefit (knowing when the cert changes) with an externally-signed cert too. How many people actually bother to check? ChrisA -- https://mail.python.org/mailman/listinfo/python-list