On Thu, Jul 2, 2015 at 2:33 AM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote: > > Am 02.07.2015 um 02:30 schrieb Michael Catanzaro: >> >> On Wed, 2015-07-01 at 19:59 -0400, Paul Wouters wrote: >>> >>> Principles are good and well. But how many times did you actually USE >>> that option you so reluctantly implemented? :) >> >> >> Actually, I honestly don't remember ever using it except testing it >> during development. I just don't visit broken sites. They are few and >> far between nowadays > > > that's nonsense > > a self signed certificate is exactly as secure as a CA certificate you pay > for after there are hundrets and thousands by default trusted CA's in the > browsers with the only difference you have to accept it once No its not. Because everyone can issue them you can't really know whether it is from who it claims to be from ... even in case you can its in case an attacker gains access of it the issuer can't really revoke it anymore. Browsers do show those warnings for self signed certs for a reason and that reason is *not* to sell certificates. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
