Comment Re:Good, sensible decision (Score 1) 467
Some would claim, that neither does the US.
Some would claim, that neither does the US.
I agree the process to add an exception is a bit long and overly complicated.
That being said, having a device generate a new self-signed cert on every boot seems like really bad security. It more or less invites man-in-the-middle attacks, since you are not relying on the SSL cert to be the same. So as long as an attacker presents you with a self-signed cert you would just accept it.
"And remember: Evil will always prevail, because Good is dumb." -- Spaceballs