Firefox 3 SSL certificate warnings
Posted Aug 28, 2008 1:37 UTC (Thu) by joedrew
Parent article: Firefox 3 SSL certificate warnings
There is a risk of man-in-the-middle attacks from self-signed certificates because anyone can create certificate that purports to be for any other given web site.
I can't emphasize this enough: if you are on the wrong network, all your (for example) amazon.com traffic can be redirected to someone else, and the only way you will know is because the certificate will be self-signed. This is enormously scary, and until Firefox has Key Continuity Management, the scary self-signed cert warnings will have to do.
to post comments)