by mdakin 6961 days ago
The SSL software in your web browser uses the information from the certificate authority to mathematically PROVE a man in the middle attack is NOT happening.

Anytime you use a self-signed certificate [edit] without manually verifying the fingerprint of the certificate [/edit] ANYONE who controls the network hardware between you and the second party can eavesdrop and even tamper with the communication stream. Neither you nor the second party has any way of knowing what's going on. That's why we NEED a warning every time we encounter a self-signed certificate.

The default behavior of the browsers is fine and we're lucky that the design allows us to fool around with self-signed certificates at all.

EDIT: If you manually verify the fingerprint of the self-signed certificate each time you connect you can be sure your connection is secure. But still the UI makes sense (even more sense).

2 comments

"""Anytime you use a self-signed certificate ANYONE who controls the network hardware between you and the second party can eavesdrop and even tamper with the communication stream. Neither you nor the second party has any way of knowing what's going on. That's why we NEED a warning every time we encounter a self-signed certificate."""

I believe that you misunderstand the technology.

I'm by no means an expert on crypto but I think I understand the fundamentals. If something I said is incorrect please point it out specifically. See [1] for a more complete explanation of my point.

[1] http://en.wikipedia.org/wiki/MITM

Doesn't the browser warn you by default for self-signed certificates? If so, your second paragraph is incorrect, isn't it? You would get a warning every time you encounter a self-signed certificate.

The language in my post is a bit sloppy and for that I apologize. As I imply in the second paragraph and explain in the edit, you do get a warning BUT unless you then pull out your paper copy of the fingerprint and manually compare the fingerprint of the certificate with the one you have on file you do not know that your connection is secure. When is the last time anyone took that step? We need CAs to automate this process for us.
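The manual step the thread keeps coming back to, comparing the fingerprint of the certificate actually presented on the wire against a copy obtained out of band, is what certificate pinning automates. The following is an added example, not code from the thread or from any of its posters; it assumes the pinned value is a SHA-256 fingerprint recorded in advance (for instance read off the server's own console) and uses only the Python standard library. `SAMPLE_DER` is constructed stand-in bytes, not a real certificate, so the offline demonstration runs without a network; `fetch_peer_cert_der` shows how the same check is applied to a live connection.

```python
"""Pinned-fingerprint check for a self-signed certificate (added example).

Assumption (not from the thread): a trusted SHA-256 fingerprint was recorded
out of band and is compared against the DER certificate the peer presents.
"""
import hashlib
import hmac
import socket
import ssl

# Constructed stand-in for DER certificate bytes; for a real server these are
# the bytes returned by getpeercert(binary_form=True).
SAMPLE_DER = b"\x30\x82\x01\x00constructed-sample-certificate-bytes"


def sha256_fingerprint(der_bytes: bytes) -> str:
    """Return the SHA-256 fingerprint in the colon-separated form browsers display."""
    digest = hashlib.sha256(der_bytes).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize_fingerprint(fp: str) -> str:
    """Accept 'AB:CD:...', 'ab cd ...' or bare hex and return uppercase hex only."""
    return "".join(ch for ch in fp.upper() if ch in "0123456789ABCDEF")


def fingerprint_matches(der_bytes: bytes, expected: str) -> bool:
    """Constant-time comparison of the presented certificate against the pinned value."""
    actual = normalize_fingerprint(sha256_fingerprint(der_bytes))
    pinned = normalize_fingerprint(expected)
    if len(pinned) != 64:  # SHA-256 is 32 bytes; a malformed pin never matches
        return False
    return hmac.compare_digest(actual, pinned)


def fetch_peer_cert_der(host: str, port: int = 443, timeout: float = 5.0) -> bytes:
    """Retrieve the leaf certificate a server presents, in DER form.

    CA validation is switched off only so the raw certificate can be read;
    the caller must run fingerprint_matches() before trusting the connection.
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def connect_with_pin(host: str, pinned_fingerprint: str, port: int = 443) -> bool:
    """True only if the certificate presented live matches the pinned fingerprint."""
    der = fetch_peer_cert_der(host, port)
    return fingerprint_matches(der, pinned_fingerprint)


if __name__ == "__main__":
    # Offline demonstration on the constructed bytes.
    pin = sha256_fingerprint(SAMPLE_DER)
    print("pinned  :", pin)
    print("match   :", fingerprint_matches(SAMPLE_DER, pin))
    print("tampered:", fingerprint_matches(SAMPLE_DER + b"x", pin))
```

The comparison is done with `hmac.compare_digest` rather than `==` so that timing does not leak how many leading characters of the pin were correct, and the pin is normalized so the value copied from a browser dialog (colon-separated, any case) compares correctly against the locally computed hash.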