[erlang-questions] SSL: "unknown ca"

zxq9 zxq9@REDACTED
Sat Jan 31 12:04:26 CET 2015


On 2015年1月31日 土曜日 10:35:30 Jon Schneider wrote:
> > Accepting any SSL connections would be the same as not doing SSL at all.
> 
> I disagree with this. Without significant resources and the ability to
> man-in-the-middle reading SSL traffic is still very difficult. In some ways
> self-signed certificates you have to accept once especially if you check
> the fingerprint are waaaay better than relying on the integrity of N CAs.

In an actively supported business data system this is The Right Way to deal 
with verification.

That is not the case most people are familiar with, though, be they users or 
developers.



More information about the erlang-questions mailing list