Hacker News new | ask | show | jobs
by Karunamon 4373 days ago
The difference being that we know the first one is happening right now.

The average user will probably not be MITM'd. There simply are too many users and not enough attackers. Additionally, the attacker must hit the user during their first visit to the site or never.
1 comments
Nursie 4371 days ago
The average user may well be MITMd by their own government. Doesn't seem that unlikely any more.

Either way, self signing is not as secure as using a CA and it is not just browsers being picky.

link
Karunamon 4370 days ago
..in which case they'd just compel the CA to cough up a certificate. This does not apply, at all, to the argument for or against self-signed certs.
link
Nursie 4370 days ago
Depends on the government involved, and on the user, and on the authority.

And then it's still no worse than self signed even in the worst case.

link