There is an awkward period (after clicking past the warning and before verifying the signed SSL certificate fingerprint) which is no more or less safe than HTTP, but which is more cumbersome and might encourage often-bad behavior in some users. After verifying that the certificate is signed by her (which requires trusting her public key--more hoops), you get some benefit.
It's difficult to weigh the cost/benefit, and nobody is denying that PKI can be awkward.
/thread?
ed: ok, i guess we might still debate the cost/benefit of getting a free cert--i don't really know.
It's difficult to weigh the cost/benefit, and nobody is denying that PKI can be awkward.
/thread?
ed: ok, i guess we might still debate the cost/benefit of getting a free cert--i don't really know.