[cwilkes]

> encouraging to use SSL_NO_VERIFY flag because passing CA path is too difficult.

And if they did spend extra time on that people would complain they are trying to teach two technologies at once.

Also that’s something everyone unless it is part of their day job has to look up a tutorial on how to do it.

Just a passing “this is for ease of use, don’t do it in production and consult a manual” would suffice.

[jungler]

In the back of my mind I always hope that a new technology I'm using will fail in a spectacular, obvious fashion as soon as I use it wrongly, because that means that a great number of resources will soon appear to cover all the gotchas.

It's the ones where spotting and debugging the source of the problem depends on fine-grained conceptual understanding, that leads to documentation that gives you a metaphorical blank stare and shrug.