Comment Wrong problem to attack (Score 1) 733
This is a bad approach that attacks the wrong end of the problem. The real problem is that *after they are accepted* self-signed certs and trusted-authority-signed certs are treated as providing the exact same guarantees. In reality they provide two distinct things, each of which has its place. Self-signed certs provide end-to-end encryption without saying anything about where the other end is. Signed certs make stronger (but not foolproof!) guarantees about the other end of the channel.
The problem is that both types of certs get you the *same* lock in the corner of the window. This is really bad, because that lock icon is the green light for grandma to enter her credit card number. She should *never* be doing that on a site with a self-signed cert, and it shouldn't matter whether or not junior was using the computer earlier and jumped through the hoops to add an exception for the cert of some promising-looking porn site. The icon needs to reflect the *guarantee*, not the delivery mechanism.
My suggestion would be to show a warning when accepting a self-signed cert that contains language and images -- people are visual -- describing the idea of secure communication with an unknown party, and make it easy to accept the cert. But for goodness' sakes, use a *different* icon, something that cannot be mistaken for a lock, to represent the security. Show an envelope, or a pipe representing the inability to look inside the connection. (I know, tubes...) I'm sure somebody brighter than myself can figure out a good icon for this status.
The thing about security as it relates to ordinary folks is you have to have a simple story to tell them or they just ignore it. "Look for the lock and you're OK" is as simple as it gets, which makes it a very good, very useful story. Putting "the lock" on self-signed cert connections dilutes that story, which is a bad, bad idea.
(As an aside, I've actually always thought the lock was too subtle. I'd rather say "when your entire browser window starts pulsing gold you're OK to enter your credit card number".)