Certificate Error

[Granger]

Some people post HTTPS links which require you to install the Seatribe self-signed certificate to avoid the warnings. Truthfully, it's as safe as any officially issued certificate IF (and that's a big if) you trust the person that is issuing it.

Actually it is safer than 'any official issued certificates' (apart from shit like this).

The scheme is pay up or we'll impress your users with a warning that you're insecure which is a clear cut case of extortion - but as a whole industry is behind it you sadly can't jail them all...

[MagicManICT]

I'll counter your argument with "social engineering." Without large organized databases of information, social engineering beats anything and becomes very simple.

[Granger]

As long as every root certificate authority can sign a valid (in terms of being accepted by the browsers) cert for whatever name the system is pointless. But there's good money in it.

[MagicManICT]

Is it the best system? No. It's a far cry better than what we had 5 years prior to implementation and is the reason we have so much access via the web to everything now. I know we can do better. The better may be yet to come. It may well exist in someone's mind right now and waiting to come to fruition. Until then, we have to work with what tools we have.

As far as small games and personal websites go... yeah, why bother feeding the system? There's only so much someone can access on your computer via HTTP as long as you take proper precautions (such as disabling JavaScript, Flash, use TOR, etc.)

[jorb]

Paged loftar for a comment.

[Granger]

Using letsencrypt would fix this free, it won't remove the underlying issues with the certificates but get rid of the warnings.

In case he wants he can get a script from me that can remote this (for multiple machines) from a trusted host and dosn't require running as root.