Once upon a time, Brett Frankenberger <rbf+nanog@panix.com> said:
On Tue, Sep 13, 2011 at 09:45:39AM -0500, Chris Adams wrote:
Once upon a time, Tei <oscar.vives@gmail.com> said:
He, I just want to self-sign my CERT's and remove the ugly warning that browsers shows.
SSL without some verification of the far end is useless, as a man-in-the-middle attack can create self-signed certs just as easily.
It protects against attacks where the attacker merely monitors the traffic between the two endpoints.
Someone who can monitor can most likely inject false traffic and thus MITM. In any case, a system that is supposed to provide end-to-end security shouldn't be considered secure if it can be easily bypassed. -- Chris Adams <cmadams@hiwaay.net> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.