zlacker

>>codero+(OP)
There is a massive hypocrisy in browser vendors getting hysterical about self signed certs while letting MITM proxies operate with impunity or worse working with them.

Why isn't there an effort to detect MITM proxies and post equally scary warnings? Surely users have a right to know.

MITM is worse than self signed certs and if 'exceptions' can be found for MITM like corporate security, management etc then the same exceptions should be found for self signed certs for individuals rather than creating dependencies on CA 'authorities'. This just another instance of furthering corporate interests while sacrificing individuals.

>>throw2+PV
Why do you prefer a self signed certificate instead of using let's encrypt?

You can create a self signed CA and add it to trusted roots to avoid warnings.

>>wolf55+zW
Because it does not rely on any 'authority'. The increasingly scary warnings by browser vendors is in stark contrast to zero interest in detecting MITMs and warning users. The next step could very well be the disabling the ability to add exceptions for self signed certs.

Why not promote content encryption or explore other ideas that do not rely on central authorities, and we can see there are always workaround for corporates but individuals are thrown under the bus.