Comment Re:Self signed? (Score 1) 276
Not more, but not necessarily less. With a self signed cert, you cant verify the identity of the signer/cert. With the possibility of a compromised CA, you have (essentially) the same problem. (As far as understand it anyways).
What I would like to know is what (if anything) can be done to verify keys without a CA? I don't know that much about crypto, so am genuinely curious. Are there techniques to do this? (Diffie-Hellman-Merkle?)