Y
Hacker News
new
|
ask
|
show
|
jobs
by
mapunk
3752 days ago
> Use a self-signed cert and ask your visitors via a side channel to tick the box to add an exception.
Don't do this. If you have to ask your users to add an SSL exception you're doing it very wrong.
1 comments
_ikke_
3752 days ago
He was comparing the tls equivalent of how SSH works. First time you connect to an ssh server, you have to accept the host key, which most people do not (and in most situations, can not) verify.
link