It's a great explanation of why users are rational to ignore all our security advice; the expected benefits are so low compared to the effort required, and a lot of the costs are borne by other people anyway.
It's better than plain HTTP if your browser will complain next time if the cert changes, because at least you're assured that if you weren't under attack on first visit, you're not under attack now. Displaying a huge error when the site has made some effort is ironic.
(The point of the error is that a normal, valid certificate means that some CA has vouched for the identity of the website. When it's some random website you don't care about, this isn't important. When it's your bank or a business, it is.)
Exactly so. This is the SSH model, and I love it. How does a CA's signature protect against phishing anyway? It doesn't. Equifax signs both the real site and the fake site.
Ian Grigg uses a self-signed certificate on purpose (he and I both have some unconventional views on the efficacy of CAs). In Firefox it's a simple matter to accept this site as a security exception. Now whenever I visit financialcryptography.com, I know I'm at the authentic site because I don't get a security warning. And that's without using a CA.
http://research.microsoft.com/en-us/um/people/cormac/papers/...
It's a great explanation of why users are rational to ignore all our security advice; the expected benefits are so low compared to the effort required, and a lot of the costs are borne by other people anyway.