Please create an account to participate in the Slashdot moderation system


Forgot your password?
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Comment Re:Or just sign your own (Score 1) 72

No, there's another big difference. First time visitors, if they are visiting a site with a non-trusted key, are asked about it, right? Sounds good, right?

The point of SSL is to ID a server as a certain server. Let's say you do ecommerce, and your very own pages explain this behavior away. Great idea, until your domain get hijacked (registrar isn't paid, DNS spoof, etc). Lo and behold, users come to expect this behavior, and click away.

This is the key fact, however. You need someone you can trust - a third party that puts a huge amount on the line - to certify that the server is who it says it is.

CACERT is a potential answer, but it needs to be integrated into Firefox and IE. But you do need that 3rd party authority. Otherwise, you it's like someone sending you an IM saying, "Hey, I'm me. What's you password/credit card/SSN?"

If mathematically you end up with the wrong answer, try multiplying by the page number.