Comment Re:If you ask nicely enough... (Score 1) 77
Removing the DEFCON 2 warnings for self signed certs will be the first step in the right direction.
SSL is not about encryption. It is also about trust.
Please tell us how it is a better idea to trust an unsigned site at the other end of an unencrypted connection MORE than a self-signed site at the end of a SSL connection. If sites with self-signed certs trigger a warning on browsers, then every site served in the clear should as well. A good compromise would be not to display the lock icon for sites with self-signed certs.