by ho_schi 951 days ago
I remember a (now removed?) passage in Wikipedia stated that self-signed certificates were considered the default for HTTPS back in the 90s. But the idea of signing Certificate-Authorities prevailed. Users instantly get a “lock” creating a feeling of security - and it made some people rich.

Self-Signed actually is the only trustworthy approach to use certificates. And with QR-Codes or ASCII-Art it is user friendly. Your partner (e.g. bank) would print a hash/fingerprint on the contract and the user MUST check it on first connection.

Too complicated? SSH does that always. PGP is built upon the idea of users themselves trusting. No end users?

Signal and WhatsApp! Actually you need to check the hash/fingerprint in the profile of your chat or you’ve only an encrypted connection but no security about who receives the messages.

I think we should drop the entire approach of Certificates and issuing through “Authorities”. SecureBoot was flawed from the very first moment due to its use of Certificates signed by an Authority named Microsoft. And a top-down security enforced by companies isn’t one.

PS: Lenovo turns off SecureBoot when you order a Laptop with Linux. A wise decision. I just miss a note that the password for hardware-disk-encryption and UEFI.
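
The first-connection fingerprint check described in the post above, as an added example that is not part of the original post or thread. `PinStore`, `bank.example` and the certificate bytes are hypothetical and constructed; on a real connection the DER bytes would come from `ssl.SSLSocket.getpeercert(binary_form=True)`.

```python
import hashlib
import hmac

class PinMismatch(Exception):
    """Presented certificate does not match the expected fingerprint."""

def fingerprint(der_cert: bytes) -> bytes:
    # SHA-256 over the DER encoding of the certificate.
    return hashlib.sha256(der_cert).digest()

def parse_printed(text: str) -> bytes:
    # Accept "AB:CD:..", "ab cd .." or plain hex, as a person would type it.
    cleaned = "".join(ch for ch in text if ch not in ": \t\n-")
    raw = bytes.fromhex(cleaned)  # ValueError on non-hex input
    if len(raw) != hashlib.sha256().digest_size:
        raise ValueError("expected a 32-byte SHA-256 fingerprint")
    return raw

def printed_form(der_cert: bytes) -> str:
    # What the partner would print on the contract: colon-separated hex.
    return fingerprint(der_cert).hex(":").upper()

class PinStore:
    """Hypothetical per-host pin store, similar in spirit to SSH known_hosts."""

    def __init__(self):
        self._pins = {}

    def check(self, host, der_cert, printed=None):
        seen = fingerprint(der_cert)
        pinned = self._pins.get(host)
        if pinned is None:
            # First connection: pin only what was verified out of band.
            # A self-signed certificate alone proves nothing about its owner.
            if printed is None:
                raise PinMismatch(f"{host}: no printed fingerprint to check")
            if not hmac.compare_digest(seen, parse_printed(printed)):
                raise PinMismatch(f"{host}: differs from printed fingerprint")
            self._pins[host] = seen
            return "pinned"
        if not hmac.compare_digest(seen, pinned):
            raise PinMismatch(f"{host}: certificate changed since first use")
        return "ok"

# Constructed stand-ins for DER-encoded certificates (not real certificates).
BANK_CERT = b"constructed-der-bytes: bank.example self-signed"
OTHER_CERT = b"constructed-der-bytes: different key, same name"
```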

1 comment

A malware actor can self-sign a google.com certificate... So self sign is ... Because you still need to verify that Google is Google or that the malware actor is not Google, so you come to similar situations / conclusions.

BUT the current CA situation is a travesty in its own right; that is a little bit of a different topic.