|
|
|
|
|
|
by d00bianista
2440 days ago
|
|
|
A trusted certificate is nice and all but if you have to rely on DNS to find the CNAME-record that translates to an A-record and so forth, it becomes complicated and simpler for malicious parties to MITM you. A self signed certificate is actually better in that sense that nothing trusts it and with the assumption that you can add permanent exceptions and pinning, you'll know immediately if something is wrong. |
|
|