Hacker News
by markgamache1 4398 days ago
YOU ARE DESTROYING THE INTERNET

Training users, who have no way to properly assess this risk, to click OK to the SSL error, is like Jim Jones's practice runs drinking the Kool-Aid.

Firefox had it right when they briefly made it impossible to OK the use of misconfigured SSL.

Most IT people don't understand the risk of self-signed certs. We can't expect users to make good choices here.

3 comments

Except for the fact that the CA system is centralized and easily corruptible, giving everyone a false sense of security. Yes, signing your cert gives you some protection, however let's not kid ourselves that any CA could be susceptible to payoffs or gag orders. It comes down to trusting some slimy security company. We need decentralized CA systems before we can kick back and think we're actually secure.
In re: Jim Jones. That isn't cute.
It's still more secure than plain-text http tho.
Since there's no way to distinguish MITM and an unverified certificate, it can make people think they are secure when they are not. That's not "more secure".