[erlang-questions] SSL: "unknown ca"

[zxq9]

On 2015年1月31日 土曜日 10:35:30 Jon Schneider wrote:
> > Accepting any SSL connections would be the same as not doing SSL at all.
> 
> I disagree with this. Without significant resources and the ability to
> man-in-the-middle reading SSL traffic is still very difficult. In some ways
> self-signed certificates you have to accept once especially if you check
> the fingerprint are waaaay better than relying on the integrity of N CAs.

In an actively supported business data system this is The Right Way to deal 
with verification.

That is not the case most people are familiar with, though, be they users or 
developers.