Linked by Thom Holwerda on Tue 25th May 2010 21:37 UTC
Google Looking at the past few week of Google news, you'll be forgiven for thinking Google doesn't do anything else beyond making Android. While there's sexier stuff going on within Google, the company is also still trying to improve its core user service: search. They've launched encrypted search today, and it will be rolled out across the world in the coming days.
Permalink for comment 426650
To read all comments associated with this story, please click here.
Piranha
Member since:
2008-06-24

It's because a MITM attack is so much easier. An attacker could be placed in the middle, and hand you HIS self signed certificate, while connecting to the legit site on your behalf and read ALL your data (meaning the ssl is now useless). At least now with a limited number of signing authorities, it's damn near impossible to do this. If a certificate authority goes rogue, then the browsers just need to remove their root server.

Besides, Startcom provides FREE class 1 ssl certificates and are available in every major browser (except Opera, but I believe they fixed that now). My domain runs off it, and never receiving the "WARNING" when I switch computers or browsers is very reassuring.


If you don't want the warning prompts from your own self signed certificates, then just install your signing cert into your browser. However, it's quite a hassle to get visitors to your site if they all get the warning.

Reply Parent Score: 1