On Mon, 21 Jul 2014 10:21:33 +0200 Elrippo Athletico <elrippo@xxxxxxxxxxxxxxxxx> allegedly wrote: > > Depends, on wether you trust a CA, for example VeriSign, who just > want your money, or wether you go trough a personal verification > process at cacert.org, like i did, where you sit face to face with > your assurer. > > If you want, you can install the cacert.org root certificates -> > http://www.cacert.org/index.php?id=3 > > It would be a good idea to get some knowledge about CA's and the > processes for verification, before you talk about an untrusted HTTP > connection secured with SSL/TLS And of course you will get a similar warning when connecting to a site which uses a self signed certificate. Whether you trust that site depends on your use case and trust model. Personally I think the CA model is largely broken. I make my own choices about whether to trust a site. Hell, most people are perfectly happy to connect to /any/ site without SSL/TLS. Why complain about a site which offers encryption, but doesn't conform to the wider CA model? Mick --------------------------------------------------------------------- Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net ---------------------------------------------------------------------
Attachment:
signature.asc
Description: PGP signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk