[superkuh]

Browsers scaremonger really hard about self-signed SSL certs. And browsers are starting to implement HTTPS only as a default. It won't be too long before HTTP is blocked by mega-corp browsers and not having a CA TLS cert means your website is now un-visitable by non-technical people (and not indexed by search engines).

[midasuni]

The concern about http over https is that a bad actor can intercept and change traffic.

If you allow self signed certificates, anyone who can MITM traffic can masquerade your site just like with http

Self signed does however stop passive fibre taps - to intercept you need to MITM.

There then the “remember this cert” option. If I visit www.selfsigned.com on a secure network, my browser remembers the certificate. If I then travel to another network with a MITM, my browser can flag up a warning. This is how SSH works.

However I’m not too concerned by SSL certificates as a centralised point - my browser trusts dozens, probably more than 100, root certificates. That’s not centralisation.

[immibis]

Self-signed certs should be no scarier than unencrypted connections. If self-signed certs are allowed then you can have a case for banning unencrypted connections - the way Mozilla tried to do in the past, but they didn't allow self-signed certs.

If we're not going to show interstitial warning pages for HTTP-not-S sites, so you can't see if it's HTTPS without checking the address bar, then a red open padlock and a red strike through the "https" seems sufficient for self-signed HTTPS sites. Some indication is needed, otherwise you'd see the "https" and think it was secure, but the indication shouldn't be scarier than HTTP-not-S!

[mistrial9]

this seems to be a well-known list of trusted Certificate Authorities

https://ccadb-public.secure.force.com/mozilla/CAInformationR...