-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 11-12-2010 23:14, MFPA escribió: > Hi ... > But couldn't a man-in-the-middle server authenticate by presenting the > user's browser with an acceptable certificate signed by a "trusted" > CA? And is a self-signed certificate any more or any less secure in > this scenario?
Yes, that's why it is important CAs don't sign things they should not sign. Selfsigned certificates make things worst, because now you have to worry about flawed CAs and also you need to check the legitimate but unknown (to you) certificate used in the site... Best Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJNBDkgAAoJEMV4f6PvczxAgkkIAIRXO3lC6EAZjNw4wF9kHyHC ULwXPLczITOZMDWY27jcs6XyZfbSFr9AJ+H1UugaXrJlVvjrvOH1NcLpm5E7vLuh eAfc8AzlOkdGWRWmKDLNzQ8Q+69VDj6aQUTfUHCc71l8Zau+SKkzeXOHKBDlMEN0 ZQQwkrKftl6LK4x9IWI/18z0rJseKECjAk2fYkrUKwivvvJukvDK0I4EANQHTfWP 9UOrFGGtklUtKbYs87EP9F0KAudw3ujiPpRtPCO/II169YfkjjCzUUXC9ldtoeO9 YWyzsPpUvRh0L2ptKQfVBikZrDn7VB8r/vHSFeZILQCWl5TZln7+HP4QC1BRdPo= =zjGl -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
