Not logged in
Log in now
Create an account
Subscribe to LWN
Pencil, Pencil, and Pencil
Dividing the Linux desktop
LWN.net Weekly Edition for June 13, 2013
A report from pgCon 2013
Little things that matter in language design
Just have the UI make no change to the status (don't add the padlock icon, etc.); have the UI pretend it's an http site.
Firefox 3 SSL certificate warnings
Posted Aug 29, 2008 16:11 UTC (Fri) by giraffedata (subscriber, #1954)
From the user point of view, isn't a self-signed certificate equal to unencrypted?
Self-signed is better than unencrypted because with unencrypted, an eavesdropper can get your password. With self-signed, he can't.
But with respect to impostors and men in the middle, they're equivalent.
Simply not displaying any claim of security, as you suggest, for the self-signed certificate is probably better than the dire warning. But it would also be nice to see some icon that tells me that, while I might be talking to an impostor, at least no one can eavesdrop on me. Since it's significantly harder for someone to intercept my traffic than just look at it, there are things I would risk in that case that I wouldn't risk on a totally unencrypted connection.
However, I don't know that there's any practical way to make the average user understand this mid-level security. So by default, it would be better to make no claim at all.
Posted Aug 29, 2008 18:03 UTC (Fri) by docwhat (subscriber, #40373)
That's why I would consider them equivalent.
Posted Aug 30, 2008 1:57 UTC (Sat) by njs (guest, #40338)
Sometimes. But usually not... The most valuable thing about a self-signed certificate from my point of view is that you can detect when the cert changes -- so if someone hijacks your connection to a site you've used before, you *know*. This describes the vast majority of sites that I trust with sensitive information -- I have a relationship with them! And even if your first visit to some site gets hijacked, whenever you visit that site again later you will at least discover that it happened (because the real non-hijacked connection will use a different cert than you're expecting).
Posted Aug 30, 2008 2:11 UTC (Sat) by giraffedata (subscriber, #1954)
The most valuable thing about a
self-signed certificate from my point of view is that you can detect
when the cert changes
But as a practical matter, is there any web browser that detects that? I appreciate that the two SSH clients I use do, but I thought web browsers didn't. I assume that the fact that one visits a lot more web sites than shell sites has a lot to do with it.
Posted Aug 30, 2008 9:04 UTC (Sat) by njs (guest, #40338)
Well, you'll get the "it's self-signed, make an exception or run and hide?" dialogs again when the cert changes, but there's no notification that you *already* made an exception, so you'll probably treat it the same way you treat all the other dialogs like that, i.e. curse and click through.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds