Hacker News new | ask | show | jobs
by Nursie 4371 days ago
The average user may well be MITMd by their own government. Doesn't seem that unlikely any more.

Either way, self signing is not as secure as using a CA and it is not just browsers being picky.
1 comments
Karunamon 4370 days ago
..in which case they'd just compel the CA to cough up a certificate. This does not apply, at all, to the argument for or against self-signed certs.
link
Nursie 4370 days ago
Depends on the government involved, and on the user, and on the authority.

And then it's still no worse than self signed even in the worst case.

link