[erlang-questions] SSL: "unknown ca"

Jon Schneider jon@REDACTED
Sat Jan 31 11:35:30 CET 2015


> Accepting any SSL connections would be the same as not doing SSL at all.

I disagree with this. Without significant resources and the ability to man-in-the-middle reading SSL traffic is still very difficult. In some ways self-signed certificates you have to accept once especially if you check the fingerprint are waaaay better than relying on the integrity of N CAs.

Jon


More information about the erlang-questions mailing list