Bitcoin Forum
April 26, 2024, 09:06:59 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > SSL again
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: SSL again  (Read 1215 times)
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1136


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
March 14, 2011, 05:46:29 AM
 #1
SSL is still self-signed

This is a public credibility problem

I'm not looking to hear again that self signed certificates are better, more secure, or any conspiracy theories from CA's, or that the public should configure their browsers to trust them.  I'm looking to repeat a reminder that having user's browsers display security warnings is a way of fostering mistrust and is a pretty ironic observation for a project that asks people to trust their money to cryptography.

How many months in a row must this issue be brought up before something can be done about it?
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
1714165619
Hero Member
*
Offline Offline

Posts: 1714165619

View Profile Personal Message (Offline)

Ignore
1714165619
1714165619
Reply with quote  #2
1714165619
Report to moderator
It is a common myth that Bitcoin is ruled by a majority of miners. This is not true. Bitcoin miners "vote" on the ordering of transactions, but that's all they do. They can't vote to change the network rules.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1714165619
Hero Member
*
Offline Offline

Posts: 1714165619

View Profile Personal Message (Offline)

Ignore
1714165619
1714165619
Reply with quote  #2
1714165619
Report to moderator
grondilu
Legendary
*
Offline Offline

Activity: 1288
Merit: 1076


View Profile
March 14, 2011, 06:16:17 AM
 #2
I don't know much about certificates, so correct me if I'm wrong, but:

Basically with a self-signed certificate you just have to accept it the first time you connect to the website, and then, if later I'm being warned that the certificate is not the same anymore, then I can suspect there has been something smelly, and ask around about it.

To me that sounds pretty much as good as relying on a third party "certificate authority".
Check out my bitcoin bash library
kseistrup
Hero Member
*****
Offline Offline

Activity: 566
Merit: 500


Unselfish actions pay back better


View Profile WWW
March 14, 2011, 06:35:44 AM
 #3
Quote from: grondilu on March 14, 2011, 06:16:17 AM
Basically with a self-signed certificate you just have to accept it the first time you connect to the website, and then, if later I'm being warned that the certificate is not the same anymore, then I can suspect there has been something smelly, and ask around about it.

In Chrome on Linux you have to accept it the first time, and Chrome will remember it until you shut down the browser.  Next time you open the browser you'll have to accept it again.

I think going for a CAcert or a StartSSL certificate is a good idea.

Cheers,
Klaus Alexander Seistrup
JollyGreen
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
March 14, 2011, 06:42:09 AM
 #4
Quote from: grondilu on March 14, 2011, 06:16:17 AM

To me that sounds pretty much as good as relying on a third party "certificate authority".


I agree it is basically the same, but the later doesn't scare people with a warning.  I think enough people would pitch in for the SSL cost to make the issue go away, if money is the only problem.  I'm not aware of the past history of this request though.
caveden
Legendary
*
Offline Offline

Activity: 1106
Merit: 1004



View Profile
March 14, 2011, 08:44:24 AM
 #5
HTTPS is not default here. To have it, you need to explicit ask for it. People who don't even know what a certificate is would just remain in HTTP.
JollyGreen
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
March 14, 2011, 09:19:44 AM
 #6
Quote from: caveden on March 14, 2011, 08:44:24 AM
HTTPS is not default here. To have it, you need to explicit ask for it. People who don't even know what a certificate is would just remain in HTTP.

Ha, ok, I just realized that, so what are the advantages to SSL for this site?  I don't login to access secure info, so I'm not that worried, what are others concerns?
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > SSL again
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!