Posters in this thread are arguing that the phone call method for unlisted numbers is unsafe because what if their phone gets stolen by someone else and they're going to make phone calls pretending to be them?! A theoretical possibility that's never going to happen in practice
Of course you know better than literally every browser and security expert in existence. There is a reason why HTTPS is so much enforced. These attacks happen, its not theoretical, its a real threat for many people. Connecting to untrusted wifis, or messing up configuration so that you connect to wrong wifi without even knowing about it, is probably the biggest risk, but there are others. This game has thousands of users, its not like everybody would just be in their parents basement, never going outside to meet possibly unprotected networks!
I've logged into forums from VERY suspicious places, using my own server as a vpn of course, but many don't and they are at serious risk.
Self issued certificates are just fine if you can trust the issuer. In fact, they are more secure in many ways as there isn't a central repository that can be hacked to spoof the validation process. If you can trust the software a website is offering without much question, then you should be able to trust the certificate, as the software is going to do much, much more damage if its intent is malicious.
Isn't the problem precisely that we do not know if we can trust the issuer, how can I know if 62 29 D5 9F 8C 75 E2 73 3A 31 D7 2A 9F DF 9C 34
89 45 6D 5A is loftar or somebody who just pretends to be him? Even If I could somehow manually check it, its quite tedious to do this as I log on from different devices and different browsers.
central repository that can be hacked to spoof the validation process
Certainly there are some problems with Ca's being either hacked or just being held by suspicious entities, but in general the system works quite well and there aren't any feasible alternatives as of yet, yea yea all kinds of web of trust ideas exist but they are not practical with average users to be honest.